Date: Thu, 3 May 2007 14:01:46 +1200 From: Matthew Luckie <mluckie@cs.waikato.ac.nz> To: freebsd-net@freebsd.org Subject: UDP checksums in ICMP quotes Message-ID: <20070503020146.GA96616@sorcerer.cs.waikato.ac.nz>
next in thread | raw e-mail | index | archive | help
At the moment, freebsd checks a UDP checksum in place, overwriting whatever is there. This has a side effect of the ICMP code sending back the first eight bytes of the UDP payload with 2 bytes different to what that system sent. For example: listening on lo0, link-type NULL (BSD loopback), capture size 1500 bytes 13:41:24.382239 IP localhost.40858 > localhost.33435: UDP, length 12 0x0000: 0200 0000 4500 0028 9f9b 0000 0111 1c28 0x0010: 7f00 0001 7f00 0001 9f9a 829b 0014 df8d 0x0020: 0000 0000 0000 0000 0000 0000 13:41:24.382250 IP localhost > localhost: ICMP localhost udp port 33435 unreachable, length 36 0x0000: 0200 0000 4500 0038 00cc 0000 4001 7bf7 0x0010: 7f00 0001 7f00 0001 0303 dab2 0000 0000 0x0020: 4500 0028 9f9b 0000 0111 1c28 7f00 0001 0x0030: 7f00 0001 9f9a 829b 0014 0000 With the patch below, the checksum is not checked in place -- i.e. 13:54:47.371646 IP localhost.33826 > localhost.33435: UDP, length 12 0x0000: 0200 0000 4500 0028 8423 0000 0111 37a0 0x0010: 7f00 0001 7f00 0001 8422 829b 0014 fb05 0x0020: 0000 0000 0000 0000 0000 0000 13:54:47.371658 IP localhost > localhost: ICMP localhost udp port 33435 unreachable, length 36 0x0000: 0200 0000 4500 0038 001b 0000 4001 7ca8 0x0010: 7f00 0001 7f00 0001 0303 fb24 0000 0000 0x0020: 4500 0028 8423 0000 0111 37a0 7f00 0001 0x0030: 7f00 0001 8422 829b 0014 fb05 Patch is against -current, but applies just fine to FreeBSD 6.2 as well. --- udp_usrreq.c.orig Thu May 3 12:24:55 2007 +++ udp_usrreq.c Thu May 3 12:26:47 2007 @@ -248,23 +248,24 @@ * Checksum extended UDP header and data. */ if (uh->uh_sum) { + u_short uh_sum; if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID) { if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR) - uh->uh_sum = m->m_pkthdr.csum_data; + uh_sum = m->m_pkthdr.csum_data; else - uh->uh_sum = in_pseudo(ip->ip_src.s_addr, + uh_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr, htonl((u_short)len + m->m_pkthdr.csum_data + IPPROTO_UDP)); - uh->uh_sum ^= 0xffff; + uh_sum ^= 0xffff; } else { char b[9]; bcopy(((struct ipovly *)ip)->ih_x1, b, 9); bzero(((struct ipovly *)ip)->ih_x1, 9); ((struct ipovly *)ip)->ih_len = uh->uh_ulen; - uh->uh_sum = in_cksum(m, len + sizeof (struct ip)); + uh_sum = in_cksum(m, len + sizeof (struct ip)); bcopy(b, ((struct ipovly *)ip)->ih_x1, 9); } - if (uh->uh_sum) { + if (uh_sum) { udpstat.udps_badsum++; m_freem(m); return;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070503020146.GA96616>