bin/104746: [PATCH] 'traceroute -e -P TCP' cannot work through a
router which does NAT by PF
Rostislav Krasny
rosti.bsd at gmail.com
Tue Oct 24 05:30:24 PDT 2006
>Number: 104746
>Category: bin
>Synopsis: [PATCH] 'traceroute -e -P TCP' cannot work through a router which does NAT by PF
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 24 12:30:22 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Rostislav Krasny
>Release: 6.2-PRERELEASE
>Organization:
>Environment:
FreeBSD saturn.lan 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sat Oct 21 22:50:39 IST 2006 root at saturn.lan:/usr/obj/usr/src/sys/MYKERNEL i386
>Description:
> traceroute -nq 1 -e -P TCP -p 80 216.136.204.117
traceroute to 216.136.204.117 (216.136.204.117), 64 hops max, 52 bytepackets
1 192.168.1.1 0.619 ms
2 10.0.0.138 2.108 ms
3 192.168.1.1 0.481 ms !H
Also, read following discussion:
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011382.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011397.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011401.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011409.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-October/012136.html
>How-To-Repeat:
See the above description
>Fix:
--- traceroute.c.orig Fri Aug 18 18:52:57 2006
+++ traceroute.c Sat Oct 14 18:49:11 2006
@@ -721,7 +721,8 @@ main(int argc, char **argv)
outip->ip_dst = to->sin_addr;
outip->ip_hl = (outp - (u_char *)outip) >> 2;
- ident = (getpid() & 0xffff) | 0x8000;
+ ident = getpid();
+ ident = ((ident << CHAR_BIT) | (ident >> CHAR_BIT) & 0xffff) | 0x8000;
if (pe == NULL) {
Fprintf(stderr, "%s: unknown protocol %s\n", prog, cp);
@@ -1355,7 +1356,7 @@ tcp_prep(struct outdata *outdata)
{
struct tcphdr *const tcp = (struct tcphdr *) outp;
- tcp->th_sport = htons(ident);
+ tcp->th_sport = htons(ident + (fixedPort ? outdata->seq : 0));
tcp->th_dport = htons(port + (fixedPort ? 0 : outdata->seq));
tcp->th_seq = (tcp->th_sport << 16) | (tcp->th_dport +
(fixedPort ? outdata->seq : 0));
@@ -1375,9 +1376,10 @@ tcp_check(const u_char *data, int seq)
{
struct tcphdr *const tcp = (struct tcphdr *) data;
- return (ntohs(tcp->th_sport) == ident
+ return (ntohs(tcp->th_sport) == ident + (fixedPort ? seq : 0)
&& ntohs(tcp->th_dport) == port + (fixedPort ? 0 : seq))
- && tcp->th_seq == (ident << 16) | (port + seq);
+ && tcp->th_seq == (tcp->th_sport << 16) |
+ (port + (fixedPort ? seq : 0));
}
void
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list