From d5006d19717335dcc681e2b460e95d94e04e26f8 Mon Sep 17 00:00:00 2001 From: Claudio Jeker Date: Wed, 2 Dec 2015 21:09:07 +0000 Subject: More rt_ifp killing. There checks in in_arpinput() to verify that the arp packet was recieved on the interface we expected. This is because multicast and broadcast packets are sometimes forwarded on multiple local interfaces. So simplify the checks and make them more generic at the same time (in the SIN_PROXY case). For SIN_PROXY only the interface holding the proxy arp route will answer to the requests. OK mpi@ --- sys/netinet/if_ether.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'sys/netinet/if_ether.c') diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index 031ec9dc3a2..763acab56ff 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ether.c,v 1.195 2015/12/02 18:38:19 claudio Exp $ */ +/* $OpenBSD: if_ether.c,v 1.196 2015/12/02 21:09:06 claudio Exp $ */ /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ /* @@ -560,7 +560,7 @@ in_arpinput(struct mbuf *m) ether_sprintf(ea->arp_sha), ifp->if_xname); goto out; - } else if (rt->rt_ifp != ifp) { + } else if (rt->rt_ifidx != ifp->if_index) { #if NCARP > 0 if (ifp->if_type != IFT_CARP) #endif @@ -639,10 +639,9 @@ out: rt = arplookup(itaddr.s_addr, 0, SIN_PROXY, rdomain); if (rt == NULL) goto out; -#if NCARP > 0 - if (rt->rt_ifp->if_type == IFT_CARP && ifp->if_type != IFT_CARP) + /* protect from possible duplicates only owner should respond */ + if (rt->rt_ifidx != ifp->if_index) goto out; -#endif memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); sdl = satosdl(rt->rt_gateway); memcpy(ea->arp_sha, LLADDR(sdl), sizeof(ea->arp_sha)); -- cgit v1.2.3