From c59311aa99036ce371e34955f8254c300369a3ec Mon Sep 17 00:00:00 2001 From: Sepherosa Ziehau Date: Sat, 28 Mar 2009 11:02:45 +0800 Subject: [PATCH] ipflow: Flush ipflow if a new route is successfully added. ipflow suffers same problem as described in FreeBSD-PR: kern/10778 Though the time of mis-routing will not be "arbitrarily long time" for intermittent packet flow (thanks to the ipflow timeout), it still could be quite long for a constant packet flow. --- sys/netinet/in_rmx.c | 12 ++++++++++++ sys/netinet/ip_flow.c | 11 +++++++++++ sys/netinet/ip_flow.h | 1 + 3 files changed, 24 insertions(+) diff --git a/sys/netinet/in_rmx.c b/sys/netinet/in_rmx.c index 6fc1559c2c..9fb755c6a8 100644 --- a/sys/netinet/in_rmx.c +++ b/sys/netinet/in_rmx.c @@ -58,6 +58,7 @@ #include #include #include +#include #define RTPRF_EXPIRING RTF_PROTO3 /* set on routes we manage */ @@ -136,6 +137,17 @@ in_addroute(char *key, char *mask, struct radix_node_head *head, } } } + + /* + * If the new route has been created successfully, and it is + * not a multicast/broadcast or cloned route, then we will + * have to flush the ipflow. Otherwise, we may end up using + * the wrong route. + */ + if (ret != NULL && + (rt->rt_flags & + (RTF_MULTICAST | RTF_BROADCAST | RTF_WASCLONED)) == 0) + ipflow_flush_oncpu(); return ret; } diff --git a/sys/netinet/ip_flow.c b/sys/netinet/ip_flow.c index 3872761883..5792aea5c3 100644 --- a/sys/netinet/ip_flow.c +++ b/sys/netinet/ip_flow.c @@ -499,6 +499,17 @@ ipflow_create(const struct route *ro, struct mbuf *m) IPFLOW_INSERT(&ipflowtable[hash], ipf); } +void +ipflow_flush_oncpu(void) +{ + struct ipflow *ipf; + + while ((ipf = LIST_FIRST(&ipflowlist)) != NULL) { + IPFLOW_REMOVE(ipf); + IPFLOW_FREE(ipf); + } +} + static void ipflow_init(void) { diff --git a/sys/netinet/ip_flow.h b/sys/netinet/ip_flow.h index a5a7698134..c67e73865e 100644 --- a/sys/netinet/ip_flow.h +++ b/sys/netinet/ip_flow.h @@ -48,6 +48,7 @@ struct route; int ipflow_fastforward(struct mbuf *); void ipflow_create(const struct route *, struct mbuf *); void ipflow_slowtimo(void); +void ipflow_flush_oncpu(void); #endif /* _KERNEL */ -- 2.41.0