kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets
Manuel Kasper
mk at neon1.net
Sat Jun 4 13:00:25 UTC 2011
The following reply was made to PR kern/157239; it has been noted by GNATS.
From: Manuel Kasper <mk at neon1.net>
To: bug-followup at FreeBSD.org
Cc: crest at tzi.de
Subject: Re: kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets
Date: Sat, 4 Jun 2011 14:37:56 +0200

I've been able to reproduce this on a FreeBSD 9.0-CURRENT snapshot dated May 12 as well, but the behavior is a bit different compared to 8.2 with respect to direction and one_pass setting:

FreeBSD 8.2:
- dummynet on input, one_pass=0: OK
- dummynet on input, one_pass=1: broken
- dummynet on output, one_pass=0: broken
- dummynet on output, one_pass=1: broken

FreeBSD 9:
- dummynet on input, one_pass=0: OK
- dummynet on input, one_pass=1: broken
- dummynet on output, one_pass=0: broken
- dummynet on output, one_pass=1: OK

Also, I believe I've found the cause: ipfw/dummynet code uses SET_HOST_IPLEN on IPv6 packets in two instances, thus inadvertently swapping the next header and hop limit fields in the IPv6 header, causing the "Unknown Extension Header" warnings and dropped packets (or bad packets appearing on the wire if net.inet6.ip6.fw.deny_unknown_exthdrs=0).

A patch against 8.2-RELEASE that fixes this issue for me is attached - Jan, could you please verify if this fixes the issue for you too?

- Manuel

Attachment: dummynet_v6.patch

--- sys/netinet/ipfw/ip_dn_io.c.orig 2010-12-28 13:18:46.000000000 +0100
+++ sys/netinet/ipfw/ip_dn_io.c 2011-06-04 14:35:45.305439000 +0200
@@ -610,7 +610,6 @@
break;
case DIR_OUT | PROTO_IPV6:
- SET_HOST_IPLEN(mtod(m, struct ip *));
ip6_output(m, NULL, NULL, IPV6_FORWARDING, NULL, NULL, NULL);
break;
#endif
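Review bot: In the `case DIR_OUT | PROTO_IPV6:` branch, once the `SET_HOST_IPLEN(mtod(m, struct ip *));` line is gone nothing at the call site records why the packet goes to `ip6_output()` without a length conversion, so the call could be reintroduced later. A one-line comment stating that the mbuf holds an IPv6 header and must not be passed through `SET_HOST_IPLEN` would help. The hunk's context covers only the output case, so it is also worth confirming that no other IPv6 branch of this switch makes the same `struct ip *` cast.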
--- sys/netinet/ipfw/ip_fw_pfil.c.orig 2010-12-21 18:09:25.000000000 +0100
+++ sys/netinet/ipfw/ip_fw_pfil.c 2011-06-04 14:35:45.305439000 +0200
@@ -127,7 +127,8 @@
args.rule = *((struct ipfw_rule_ref *)(tag+1));
m_tag_delete(*m0, tag);
if (args.rule.info & IPFW_ONEPASS) {
- SET_HOST_IPLEN(mtod(*m0, struct ip *));
+ if (mtod(*m0, struct ip *)->ip_v == 4)
+ SET_HOST_IPLEN(mtod(*m0, struct ip *));
return 0;
}
}
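Review bot: The new test `mtod(*m0, struct ip *)->ip_v == 4` reads the version through a `struct ip` cast even when the packet is IPv6; that works because both headers keep the version in the first four bits, but the dependency deserves a short comment. The `mtod(*m0, struct ip *)` expression is now written twice inside the `IPFW_ONEPASS` block, so a local pointer would make the guarded call easier to read.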
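
The field swap described in the message, modelled on a raw header buffer. This is an added example, not code from the original message or from FreeBSD: it assumes SET_HOST_IPLEN applies ntohs() in place to the ip_len and ip_off fields of struct ip on a little-endian host, and the helper names and header values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static void swap16(uint8_t *p) { uint8_t t = p[0]; p[0] = p[1]; p[1] = t; }

/* Assumed model of SET_HOST_IPLEN on a little-endian host: ntohs() applied
 * in place to struct ip's ip_len (byte offset 2) and ip_off (offset 6). */
static void model_set_host_iplen(uint8_t *hdr)
{
    swap16(hdr + 2);
    swap16(hdr + 6);
}

/* Same conversion, but only when the version nibble says IPv4, mirroring
 * the ip_v == 4 test in the ip_fw_pfil.c hunk. */
static void model_guarded(uint8_t *hdr)
{
    if ((hdr[0] >> 4) == 4)
        model_set_host_iplen(hdr);
}

/* Constructed IPv6 header: version 6, flow label 0x12345, payload length 8,
 * next header 58 (ICMPv6) at offset 6, hop limit 64 at offset 7. */
static void make_ip6(uint8_t h[40])
{
    memset(h, 0, 40);
    h[0] = 0x60; h[1] = 0x01; h[2] = 0x23; h[3] = 0x45;
    h[5] = 8;
    h[6] = 58; h[7] = 64;
}

/* Next header in the high byte, hop limit in the low byte. */
static unsigned nxt_hlim(const uint8_t *h)
{
    return (unsigned)h[6] << 8 | h[7];
}

int main(void)
{
    uint8_t h[40];
    make_ip6(h);
    model_set_host_iplen(h);   /* IPv6 treated as struct ip: fields swap */
    printf("unguarded: nxt=%u hlim=%u\n", h[6], h[7]);
    make_ip6(h);
    model_guarded(h);          /* version check leaves IPv6 untouched */
    printf("guarded:   nxt=%u hlim=%u\n", h[6], h[7]);
    return 0;
}
```

Under the same assumption, the swap at offset 2 also reorders the low 16 bits of the IPv6 flow label.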