[Bug 203585] update 235959 and 235961 breaks ipv6 layer 4 checksums in ipf
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Oct 6 13:02:41 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203585
Bug ID: 203585
Summary: update 235959 and 235961 breaks ipv6 layer 4
checksums in ipf
Product: Base System
Version: 10.2-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: andywhite at gmail.com
r235959 changes ipv6 layer4 checksums for udp and
r235961 changes ipv6 layer4 checksums for tcp
these changes result in th_sum and uh_sum only containing pseudo checksum data,
which breaks ipfilter checksum verification for stateful ipv6 .
sys/contrib/ipfilter/netinet/fil.c compares for tcp
csump = &((tcphdr_t *)fin->fin_dp)->th_sum;
or for udp
csump = &udp->uh_sum;
against ipfilters own checksum functions fr_cksum , to validate checksums, this
check now fails, resulting in ipfilter not being able to function statefully
for ipv6 tcp/udp
see bug 203275
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list