kern/73129: IPFW misbehaviour in RELENG_5
Vladimir Ivanov
wawa at yandex-team.ru
Mon Oct 25 09:30:32 PDT 2004
>Number: 73129
>Category: kern
>Synopsis: IPFW misbehaviour in RELENG_5
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 25 16:30:31 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Vladimir Ivanov
>Release: FreeBSD 5.3-STABLE i386
>Organization:
Yandex LLC
>Environment:
System: FreeBSD wawa.yandex.ru 5.3-STABLE FreeBSD 5.3-STABLE #0: Mon Oct 25 19:21:30 MSD 2004 wawa at wawa.yandex.ru:/usr/src/sys/i386/compile/WAWA i386
>Description:
IPFW does not forward packets whose dst-addr is on a directly connected network.
>How-To-Repeat:
There are three interfaces on the router:
vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 213.180.192.168 netmask 0xfffffff0 broadcast 213.180.192.175
        ether 00:30:48:29:e9:62
        media: Ethernet 1000baseTX (1000baseTX <full-duplex>)
        status: active
        vlan: 3 parent interface: em0
vlan159: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 213.180.200.254 netmask 0xffffff00 broadcast 213.180.200.255
        ether 00:30:48:29:e9:62
        media: Ethernet 1000baseTX (1000baseTX <full-duplex>)
        status: active
        vlan: 159 parent interface: em0
vlan169: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 213.180.218.254 netmask 0xffffff00 broadcast 213.180.218.255
        ether 00:30:48:29:e9:62
        media: Ethernet 1000baseTX (1000baseTX <full-duplex>)
        status: active
        vlan: 169 parent interface: em0
Firewall:
fwd 213.180.192.162 tcp from 213.180.200.32/28 to 213.180.218.0/24 in via vlan159
allow ip from any to any
The very first firewall command does not forward packets at all, though it does increment counters.
I've found a strange piece of code in the module ip_route.c. The problem may be fixed by removing a couple of lines.
I'm not sure whether it is a valid solution because the code is pretty complicated. The author's comments are desirable :-)
>Fix:
--- ip_output.c.orig Sun Oct 3 21:04:40 2004
+++ ip_output.c Mon Oct 25 20:01:59 2004
@@ -706,16 +706,11 @@
/* Or forward to some other address? */
fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
if (fwd_tag) {
- if (!in_localip(ip->ip_src) && !in_localaddr(ip->ip_dst)) {
- dst = (struct sockaddr_in *)&ro->ro_dst;
- bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in));
- m->m_flags |= M_SKIP_FIREWALL;
- m_tag_delete(m, fwd_tag);
- goto again;
- } else {
- m_tag_delete(m, fwd_tag);
- /* Continue. */
- }
+ dst = (struct sockaddr_in *)&ro->ro_dst;
+ bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in));
+ m->m_flags |= M_SKIP_FIREWALL;
+ m_tag_delete(m, fwd_tag);
+ goto again;
}
#endif
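Review bot: the hunk drops the whole `if (!in_localip(ip->ip_src) && !in_localaddr(ip->ip_dst))` guard, but the symptom described in the report (a fwd rule whose destination 213.180.218.0/24 lies on the directly connected vlan169 is counted yet never acted on) only implicates the `in_localaddr(ip->ip_dst)` half; removing the `in_localip(ip->ip_src)` half as well changes behaviour for packets whose source is one of the host's own addresses, which previously took the else branch, had the tag deleted and were routed normally. A narrower change would keep `if (!in_localip(ip->ip_src))` around the `bcopy`/`goto again` redirect and retain the `m_tag_delete(m, fwd_tag); /* Continue. */` fallback, and the commit should state why honouring a fwd target for a connected destination is now intended, since after this change every tagged packet re-enters the output path with `M_SKIP_FIREWALL` and the new dst unconditionally.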
>Release-Note:
>Audit-Trail:
>Unformatted:
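As an added example, not code from the PR or from the FreeBSD source, the following user-space C model evaluates the decision the removed guard makes for the router's three connected networks and for a constructed host pair matching the reporter's fwd rule; model_in_localip(), model_in_localaddr() and fwd_honoured_src_guard_only() are this example's own names standing in for the kernel helpers and for one narrower alternative.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct ifmodel { const char *name; const char *addr; uint32_t mask; };

/* The router's three vlan interfaces, taken from the ifconfig output in the PR. */
static const struct ifmodel ifs[] = {
    { "vlan3",   "213.180.192.168", 0xfffffff0 },
    { "vlan159", "213.180.200.254", 0xffffff00 },
    { "vlan169", "213.180.218.254", 0xffffff00 },
};
#define NIFS (sizeof(ifs) / sizeof(ifs[0]))

/* Dotted quad to host-order uint32; 0 on a parse failure. */
static uint32_t ip4(const char *dotted) {
    struct in_addr a;
    return inet_pton(AF_INET, dotted, &a) == 1 ? ntohl(a.s_addr) : 0;
}

/* Stand-in for in_localip(): the address is one of this host's own addresses. */
static bool model_in_localip(uint32_t ip) {
    for (size_t i = 0; i < NIFS; i++)
        if (ip4(ifs[i].addr) == ip) return true;
    return false;
}

/* Stand-in for in_localaddr(): the address lies on a directly connected network. */
static bool model_in_localaddr(uint32_t ip) {
    for (size_t i = 0; i < NIFS; i++)
        if ((ip4(ifs[i].addr) & ifs[i].mask) == (ip & ifs[i].mask)) return true;
    return false;
}

/* RELENG_5 guard before the patch: the fwd tag is honoured only when the source
 * is not a local address AND the destination is not on a connected network;
 * otherwise the tag is deleted and the packet is routed normally, which is the
 * "rule counters increment but nothing is forwarded" symptom in the report. */
static bool fwd_honoured_original(uint32_t src, uint32_t dst) {
    return !model_in_localip(src) && !model_in_localaddr(dst);
}

/* Narrower alternative (this example's assumption, not in the PR): keep only
 * the local-source half, so locally originated packets are still not redirected. */
static bool fwd_honoured_src_guard_only(uint32_t src) { return !model_in_localip(src); }

int main(void) {
    /* Constructed hosts inside the fwd rule's source /28 and destination /24. */
    uint32_t src = ip4("213.180.200.40"), dst = ip4("213.180.218.10");
    printf("original guard honours fwd: %d, src-only guard honours fwd: %d\n",
           fwd_honoured_original(src, dst), fwd_honoured_src_guard_only(src));
    return 0;
}
```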