From 7110ea75c40d8a4e7eb1ff0c94d828cc73f2e2f7 Mon Sep 17 00:00:00 2001 From: Gleb Smirnoff Date: Tue, 30 Aug 2022 20:12:21 -0700 Subject: [PATCH] ipfw: remove setting of SO_BROADCAST on the divert(4) socket My review of the FreeBSD kernel code reveals that this setting a) is ignored by the kernel b) is not required. The sending side of divert(4) never checks so->so_options, but always gives IP_ALLOWBROADCAST to ip_output(). --- src/source-ipfw.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/source-ipfw.c b/src/source-ipfw.c index 1fe8ce0055..58f8c446f4 100644 --- a/src/source-ipfw.c +++ b/src/source-ipfw.c @@ -322,7 +322,6 @@ TmEcode ReceiveIPFWLoop(ThreadVars *tv, void *data, void *slot) TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, const void *initdata, void **data) { struct timeval timev; - int flag; IPFWThreadVars *ntv = (IPFWThreadVars *) initdata; IPFWQueueVars *nq = IPFWGetQueue(ntv->ipfw_index); @@ -353,15 +352,6 @@ TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, const void *initdata, void **data) SCReturnInt(TM_ECODE_FAILED); } - /* set SO_BROADCAST on the divert socket, otherwise sendto() - * returns EACCES when reinjecting broadcast packets. */ - flag = 1; - - if (setsockopt(nq->fd, SOL_SOCKET, SO_BROADCAST, &flag, sizeof(flag)) == -1) { - SCLogError(SC_ERR_IPFW_SETSOCKOPT,"Can't set IPFW divert socket broadcast flag: %s", strerror(errno)); - SCReturnInt(TM_ECODE_FAILED); - } - nq->ipfw_sinlen=sizeof(nq->ipfw_sin); memset(&nq->ipfw_sin, 0, nq->ipfw_sinlen); nq->ipfw_sin.sin_family = PF_INET; -- 2.47.2