[Bug 273618] [pf] Port redirects for packets received on loopback have bad checksums

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 273618] [pf] Port redirects for packets received on loopback have bad checksums"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 07 Sep 2023 16:10:43 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273618

            Bug ID: 273618
           Summary: [pf] Port redirects for packets received on loopback
                    have bad checksums
           Product: Base System
           Version: 13.2-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: dfr@rabson.org

Normally packets received on loopback bypass the tcp checksum calculation since
the packet is expected to not leave the host. The packet header is marked as
having a good checksum in looutput() even though the th_csum field (for tcp
packets) just contains the pseudo header partial sum.

If the packet's destination address is re-written to an address which routes it
to some other host, the packet will be delivered with a bad checksum and
discarded by the target's tcp stack. I can work around this with 'ifconfig lo0
-txcsum' but it would be better if there was a way for pf to detect this
situation and repair the checksum.

-- 
You are receiving this mail because:
You are the assignee for the bug.