diff options
| author | Gleb Smirnoff <glebius@FreeBSD.org> | 2019-02-08 06:19:28 +0000 |
|---|---|---|
| committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2019-02-08 06:19:28 +0000 |
| commit | 938864b71b040fd660b1e8c53221114dfb9bd6bb (patch) | |
| tree | e961e0dbb58af6a9a35f6d9e1ca1d67e522eb2c8 /sys/netgraph | |
| parent | 7cdb0b9d825c3a7d1361127304eb28c0ff058065 (diff) | |
| download | src-938864b71b040fd660b1e8c53221114dfb9bd6bb.tar.gz src-938864b71b040fd660b1e8c53221114dfb9bd6bb.zip | |
Allow some nesting of ng_iface(4) interfaces and add a configuration knob.
PR: 235500
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=343895
Diffstat (limited to 'sys/netgraph')
| -rw-r--r-- | sys/netgraph/ng_iface.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/netgraph/ng_iface.c b/sys/netgraph/ng_iface.c index 7f3b8b16c0a4..f1ddce70c86d 100644 --- a/sys/netgraph/ng_iface.c +++ b/sys/netgraph/ng_iface.c @@ -68,6 +68,7 @@ #include <sys/rmlock.h> #include <sys/sockio.h> #include <sys/socket.h> +#include <sys/sysctl.h> #include <sys/syslog.h> #include <sys/libkern.h> @@ -92,6 +93,13 @@ static MALLOC_DEFINE(M_NETGRAPH_IFACE, "netgraph_iface", "netgraph iface node"); #define M_NETGRAPH_IFACE M_NETGRAPH #endif +static SYSCTL_NODE(_net_graph, OID_AUTO, iface, CTLFLAG_RW, 0, + "Point to point netgraph interface"); +VNET_DEFINE_STATIC(int, ng_iface_max_nest) = 2; +#define V_ng_iface_max_nest VNET(ng_iface_max_nest) +SYSCTL_INT(_net_graph_iface, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW, + &VNET_NAME(ng_iface_max_nest), 0, "Max nested tunnels"); + /* This struct describes one address family */ struct iffam { sa_family_t family; /* Address family */ @@ -355,7 +363,8 @@ ng_iface_output(struct ifnet *ifp, struct mbuf *m, } /* Protect from deadly infinite recursion. */ - error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE, 1); + error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE, + V_ng_iface_max_nest); if (error) { m_freem(m); return (error); |