diff options
| author | Bruce M Simpson <bms@FreeBSD.org> | 2004-11-04 02:14:38 +0000 |
|---|---|---|
| committer | Bruce M Simpson <bms@FreeBSD.org> | 2004-11-04 02:14:38 +0000 |
| commit | 38f061057b076aff67a81e0aa873afb6a78d04fb (patch) | |
| tree | f41b8b7f4e3b33157e552d3f9cdffdcedc2a1673 /sys/netinet/ip_fastfwd.c | |
| parent | dc00ca0e43a8bcf9f576adaa75cf14143d7e3ca3 (diff) | |
| download | src-38f061057b076aff67a81e0aa873afb6a78d04fb.tar.gz src-38f061057b076aff67a81e0aa873afb6a78d04fb.zip | |
When performing IP fast forwarding, immediately drop traffic which is
destined for a blackhole route.
This also means that blackhole routes do not need to be bound to lo(4)
or disc(4) interfaces for the net.inet.ip.fastforwarding=1 case.
Submitted by: james at towardex dot com
Sponsored by: eXtensible Open Router Project <URL:http://www.xorp.org/>
MFC after: 3 weeks
Notes
Notes:
svn path=/head/; revision=137179
Diffstat (limited to 'sys/netinet/ip_fastfwd.c')
| -rw-r--r-- | sys/netinet/ip_fastfwd.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index 09df699d88cc..1ad7d45b3f4f 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -433,6 +433,12 @@ passin: ifp = ro.ro_rt->rt_ifp; /* + * Immediately drop blackholed traffic. + */ + if (ro.ro_rt->rt_flags & RTF_BLACKHOLE) + goto drop; + + /* * Step 5: outgoing firewall packet processing */ |