NAT Taversal bug in kernel patch ?
ashoke saha
ashoke at rocketmail.com
Tue Jan 2 03:26:41 PST 2007
Hi ,
just joined the mailibng list. I was implementing
NAT traversal based on the patch and my kernel was
panicking because of wrong ipsec config, which it
should not whatever be the config.
Looks like there is a small issue in the code
http://ipsec-tools.sourceforge.net/freebsd6-natt.diff
which might already be fixed.
Look at the call of the function
udp4_espinudp () in udp append. Now under certain
circumstances it is possible that udp4_espinudp ()
calls m_pullup() and it would add a new pkt header to
the mbuf chain. But udp_append() is still holding the
old head, whose PKTHDR flag is now off. It then sends
the pkt further up and kernel does as panic as it does
not see PKTHDR flag.
ashoke.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-net
mailing list