Re: git: b88df1e893c4 - main - Reapply "sbin/ping: allow normal users to specify larger packets"
- Reply: Gleb Smirnoff : "Re: git: b88df1e893c4 - main - Reapply "sbin/ping: allow normal users to specify larger packets""
- In reply to: Pedro F. Giffuni: "git: b88df1e893c4 - main - Reapply "sbin/ping: allow normal users to specify larger packets""
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 18 Oct 2024 21:15:43 UTC
Hi Pedro, let me help to explain you what Maxim is talking about. ping(8) before your change: # ping -c 1 -s 65507 10.1.10.1 PING 10.1.10.1 (10.1.10.1): 65507 data bytes 65515 bytes from 10.1.10.1: icmp_seq=0 ttl=64 time=2.078 ms --- 10.1.10.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 2.078/2.078/2.078/0.000 ms After your change: # ping -s 65507 10.1.10.1 ping: packet size too large: 65507 > 65467 This is the regression Maxim is pointing you at. Also, after your patch (running from non-root): > ping -s 10000 10.1.10.1 PING 10.1.10.1 (10.1.10.1): 10000 data bytes ping: sendto: Message too long And this just shows that you didn't even fully achieve what you wanted. To achieve what you want, you first need to fully revert your patch, and then apply the attached patch. It will consistently disable all the size checks that _our_ ping has, instead of incorrectly and blindly applying a diff from DragonflyBSD. HOWEVER, PLEASE DO NOT COMMIT the attached patch! Please revert what you already committed and start a normal review process on phabricator. You can use my attached patch as a start. Please put both the #network group and the #secteam group. This is a kind of sensitive change that can't be done by a drive by commit. P.S. If you are pinging FreeBSD host, the other side needs to have increased maxfrag to reply: # sysctl net.inet.ip.maxfragsperpacket=44 -- Gleb Smirnoff