Reactivate skipping over bogus IPCP addresses on ppp interfaces. Be more

careful with the skip condition this time. Addresses are only not taken into account if: - The interface is POINTTOPOINT - There is no route installed for the address - The user specified noalias (:0) and - We are looking at an IPv4 address. This should be enough paranoia to not cause any false positives. PR: misc/69954 Discussed with: yongari MFC after: 4 days
svn path=/head/; revision=135215
2025-01-22 16:44:32 +01:00 · 2004-09-14 15:20:24 +00:00 · 2004-09-14 15:20:24 +00:00 · 4758aa2bd4 · 2020-12-20 02:59:44 +00:00
commit 4758aa2bd4
parent 0cd82603c0
1 changed files with 10 additions and 2 deletions
--- a/sys/contrib/pf/net/pf_if.c
+++ b/sys/contrib/pf/net/pf_if.c
@ -638,8 +638,16 @@ pfi_instance_add(struct ifnet *ifp, int net, int flags)
 		af = ia->ifa_addr->sa_family;
 		if (af != AF_INET && af != AF_INET6)
 			continue;
-#ifdef notyet
-		if (!(ia->ifa_flags & IFA_ROUTE))
+#ifdef __FreeBSD__
+		/*
+		 * XXX: For point-to-point interfaces, (ifname:0) and IPv4,
+		 *	jump over addresses without a proper route to work
+		 *	around a problem with ppp not fully removing the
+		 *	address used during IPCP.
+		 */
+		if ((ifp->if_flags & IFF_POINTOPOINT) &&
+		    !(ia->ifa_flags & IFA_ROUTE) &&
+		    (flags & PFI_AFLAG_NOALIAS) && (af == AF_INET))
 			continue;
 #endif
 		if ((flags & PFI_AFLAG_BROADCAST) && af == AF_INET6)