Page MenuHomeFreeBSD

ipfw: fix matching and setting DSCP value for IPv6

Authored by ae on Apr 6 2022, 7:18 PM.
Referenced Files
Unknown Object (File)
Wed, Jul 10, 8:30 PM
Unknown Object (File)
Fri, Jun 28, 3:04 PM
Unknown Object (File)
Sat, Jun 15, 9:33 PM
Unknown Object (File)
Sat, Jun 15, 7:16 PM
Unknown Object (File)
Jun 13 2024, 6:43 AM
Unknown Object (File)
Jun 2 2024, 11:27 AM
Unknown Object (File)
May 30 2024, 2:07 AM
Unknown Object (File)
May 16 2024, 8:57 AM



Matching for DSCP codes used incorrect bits. It used both
cached in f_id value and stored in the IPv6 header value,
thus it did not always work after setdscp action, since
cached value was not updated. Now we always use value stored
in the header via IPV6_DSCP() macro. Also added logging support
for O_SETDSCP opcode.

Diff Detail

rG FreeBSD src repository
Lint Not Applicable
Tests Not Applicable

Event Timeline

ae held this revision as a draft.
ae published this revision for review.Apr 6 2022, 7:20 PM
ae added reviewers: network, kp, melifaro.

To the extent that I understand ipfw this looks good to me.
Now that we update both the IP header and the cached value we arguably don't need the first two hunks of diff (to look at the header rather than the cached value), but it is shorter and easier to read this way.

This revision is now accepted and ready to land.Apr 7 2022, 7:18 AM