From owner-freebsd-ipfw@FreeBSD.ORG  Mon Sep  6 11:00:20 2010
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 57AEB10656B7
	for <freebsd-ipfw@hub.freebsd.org>;
	Mon,  6 Sep 2010 11:00:20 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 46F5E8FC16
	for <freebsd-ipfw@hub.freebsd.org>;
	Mon,  6 Sep 2010 11:00:20 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o86B0JoR099506
	for <freebsd-ipfw@freefall.freebsd.org>; Mon, 6 Sep 2010 11:00:19 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o86B0JAd099497;
	Mon, 6 Sep 2010 11:00:19 GMT (envelope-from gnats)
Date: Mon, 6 Sep 2010 11:00:19 GMT
Message-Id: <201009061100.o86B0JAd099497@freefall.freebsd.org>
To: freebsd-ipfw@FreeBSD.org
From: Dan Lukes <dan@obluda.cz>
Cc: 
Subject: Re: kern/128260: [ipfw] [patch] ipfw_divert damages IPv6 packets
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Dan Lukes <dan@obluda.cz>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Sep 2010 11:00:20 -0000

The following reply was made to PR kern/128260; it has been noted by GNATS.

From: Dan Lukes <dan@obluda.cz>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/128260: [ipfw] [patch] ipfw_divert damages IPv6 packets
Date: Mon, 06 Sep 2010 12:08:48 +0200

 The 8.1-RELEASE partially corrects such problem.
 
 But for DIVERT (not the TEE) there are still issues.
 
 For non-tee case, the header is still unconditionally considered to be 
 (struct ip). The
 ip->ip_off & (IP_MF | IP_OFFMASK)
 may be unintentionally true (for a IPv6 packet), then ip_reass will be 
 called with IPv6 packet, which is not apropriate.
 
 We still need to check the IP version:
 
 -       if (!tee && ntohs(ip->ip_off) & (IP_MF | IP_OFFMASK)) {
 +       if (ip->ip_v == 4 && !tee && ntohs(ip->ip_off) & (IP_MF | 
 IP_OFFMASK)) {
 
 Dan