Summary: | ipfw fwd don't change output interface/gateway in Freebsd 13.0 | ||||||
---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | Andrey Blochintsev <bag> | ||||
Component: | kern | Assignee: | Alexander V. Chernikov <melifaro> | ||||
Status: | Closed DUPLICATE | ||||||
Severity: | Affects Some People | CC: | ae, bag, delphij, dewayne, eugen, re | ||||
Priority: | --- | ||||||
Version: | 13.0-STABLE | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256828 | ||||||
Attachments: |
|
I suspect that this PR describes the same problem as: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256828 (June 2021) -> melifaro@ for triage. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=7d98cc096b995ca3bfd85277ed009b0f872c3e1b commit 7d98cc096b995ca3bfd85277ed009b0f872c3e1b Author: Andrey V. Elsukov <ae@FreeBSD.org> AuthorDate: 2022-04-01 13:49:25 +0000 Commit: Andrey V. Elsukov <ae@FreeBSD.org> CommitDate: 2022-04-11 11:16:43 +0000 Fix ipfw fwd that doesn't work in some cases For IPv4 use dst pointer as destination address in fib4_lookup(). It keeps destination address from IPv4 header and can be changed when PACKET_TAG_IPFORWARD tag was set by packet filter. For IPv6 override destination address with address from dst_sa.sin6_addr, that was set from PACKET_TAG_IPFORWARD tag. Reviewed by: eugen MFC after: 1 week PR: 256828, 261697, 255705 Differential Revision: https://reviews.freebsd.org/D34732 sys/netinet/ip_output.c | 2 +- sys/netinet6/ip6_output.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=17c9c2049004038ed6f2dc23a64cb9f74411ec52 commit 17c9c2049004038ed6f2dc23a64cb9f74411ec52 Author: Andrey V. Elsukov <ae@FreeBSD.org> AuthorDate: 2022-04-01 13:49:25 +0000 Commit: Andrey V. Elsukov <ae@FreeBSD.org> CommitDate: 2022-04-18 08:58:45 +0000 Fix ipfw fwd that doesn't work in some cases For IPv4 use dst pointer as destination address in fib4_lookup(). It keeps destination address from IPv4 header and can be changed when PACKET_TAG_IPFORWARD tag was set by packet filter. For IPv6 override destination address with address from dst_sa.sin6_addr, that was set from PACKET_TAG_IPFORWARD tag. Reviewed by: eugen PR: 256828, 261697, 255705 Differential Revision: https://reviews.freebsd.org/D34732 (cherry picked from commit 7d98cc096b995ca3bfd85277ed009b0f872c3e1b) sys/netinet/ip_output.c | 2 +- sys/netinet6/ip6_output.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) Duplicate of already fixed PR 256828. *** This bug has been marked as a duplicate of bug 256828 *** |
Created attachment 231541 [details] "ipfw fwd REMOTE" fix for FreeBSD 13.0 "ipfw fwd RemoteIP ...." is broken in FreeBSD 13.0 (it works as "pass" but no change in packet path).