From 999e6770f8022d2fc02fb28ad511cbfd28d28508 Mon Sep 17 00:00:00 2001 From: Martin Pieuchot Date: Sun, 13 Sep 2015 13:57:08 +0000 Subject: Get the default loopback interface pointer just after doing a route lookup to ensure pf_test() is called with the same interface in the input annd output path for local traffic. Fix a regression reported by Heiko Zimmermann on bugs@, thanks! ok mikeb@, claudio@ --- sys/netinet/ip_output.c | 7 +++++-- sys/netinet6/ip6_output.c | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 805c3776eb6..5ca69d5a69e 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_output.c,v 1.296 2015/09/12 20:26:07 mpi Exp $ */ +/* $OpenBSD: ip_output.c,v 1.297 2015/09/13 13:57:07 mpi Exp $ */ /* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */ /* @@ -201,7 +201,10 @@ reroute: } ia = ifatoia(ro->ro_rt->rt_ifa); - ifp = if_ref(ro->ro_rt->rt_ifp); + if (ISSET(ro->ro_rt->rt_flags, RTF_LOCAL)) + ifp = if_ref(lo0ifp); + else + ifp = if_ref(ro->ro_rt->rt_ifp); if ((mtu = ro->ro_rt->rt_rmx.rmx_mtu) == 0) mtu = ifp->if_mtu; ro->ro_rt->rt_use++; diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index 076cd409dbd..d4d8348d77b 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip6_output.c,v 1.187 2015/09/12 20:26:07 mpi Exp $ */ +/* $OpenBSD: ip6_output.c,v 1.188 2015/09/13 13:57:07 mpi Exp $ */ /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ /* @@ -550,7 +550,10 @@ reroute: error = EHOSTUNREACH; goto bad; } - ifp = if_ref(rt->rt_ifp); + if (ISSET(rt->rt_flags, RTF_LOCAL)) + ifp = if_ref(lo0ifp); + else + ifp = if_ref(rt->rt_ifp); } else { *dst = dstsock; } -- cgit v1.2.3