When performing IP fast forwarding, immediately drop traffic which is

destined for a blackhole route. This also means that blackhole routes do not need to be bound to lo(4) or disc(4) interfaces for the net.inet.ip.fastforwarding=1 case. Submitted by: james at towardex dot com Sponsored by: eXtensible Open Router Project <URL:http://www.xorp.org/> MFC after: 3 weeks
svn path=/head/; revision=137179
2004-11-04 02:14:38 +00:00 · 2004-11-04 02:14:38 +00:00 · 38f061057b · 2020-12-20 02:59:44 +00:00
commit 38f061057b
parent dc00ca0e43
1 changed files with 6 additions and 0 deletions
--- a/sys/netinet/ip_fastfwd.c
+++ b/sys/netinet/ip_fastfwd.c
@ -432,6 +432,12 @@ ip_fastforward(struct mbuf *m)
 		return 1;	/* icmp unreach already sent */
 	ifp = ro.ro_rt->rt_ifp;

+	/*
+	 * Immediately drop blackholed traffic.
+	 */
+	if (ro.ro_rt->rt_flags & RTF_BLACKHOLE)
+		goto drop;
+
 	/*
 	 * Step 5: outgoing firewall packet processing
 	 */