ipfw2 (was Re: Hard-coded M_* flags)

YONETANI Tomokazu qhwt+dfly at les.ath.cx
Sun Jun 11 03:20:56 PDT 2006

On Thu, Jun 08, 2006 at 12:41:51PM +0900, YONETANI Tomokazu wrote:
> [hardcoded M_ flags]
>   M_SKIP_FIREWALL: defined as 0x4000, which conflicts with M_EXT_CLUSTER
>     /sys/net/ipfw/ip_fw2.c

Can I commit the following patch?  This only helps ipv4-only environment,
but those who are in ipv6 network are not probably using ipfw2.
Without this, you get a kernel panic in m_free() as soon as ipfw2
sends out a packet generated by send_pkt().

Index: sys/net/ipfw/ip_fw2.c
RCS file: /home/source/dragonfly/cvs/src/sys/net/ipfw/ip_fw2.c,v
retrieving revision 1.17
diff -u -p -r1.17 ip_fw2.c
--- sys/net/ipfw/ip_fw2.c	17 Jun 2005 19:12:19 -0000	1.17
+++ sys/net/ipfw/ip_fw2.c	11 Jun 2006 09:55:23 -0000
@@ -82,7 +82,7 @@
  * a firewall-generated packet loops forever through the firewall.
-#define M_SKIP_FIREWALL         0x4000
+#define M_SKIP_FIREWALL         M_PROTO5

More information about the Submit mailing list