Date:      Fri, 11 Jan 2019 01:54:15 +0000 (UTC)
From:      "Andrey V. Elsukov" <ae@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r342925 - head/sys/netpfil/ipfw
Message-ID:  <201901110154.x0B1sFpZ005100@repo.freebsd.org>

Author: ae
Date: Fri Jan 11 01:54:15 2019
New Revision: 342925
URL: https://svnweb.freebsd.org/changeset/base/342925

Log:
  Relax requirement to packet size of CARP protocol and remove version check.
  
  CARP shares protocol number 112 with VRRP (RFC 5798). And the size of
  VRRP packet may be smaller than CARP. ipfw_chk() does m_pullup() to at
  least sizeof(struct carp_header) and can fail when packet is VRRP. This
  leads to packet drop and message about failed pullup attempt.
  Also, RFC 5798 defines version 3 of VRRP protocol, this version number is
  also unsupported by CARP and such check leads to packet drop.
  
  carp_input() does its own checks for protocol version and packet size,
  so we can remove these checks to be able to pass VRRP packets.
  
  PR:		234207
  MFC after:	1 week

Modified:
  head/sys/netpfil/ipfw/ip_fw2.c

Modified: head/sys/netpfil/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netpfil/ipfw/ip_fw2.c	Fri Jan 11 01:42:47 2019	(r342924)
+++ head/sys/netpfil/ipfw/ip_fw2.c	Fri Jan 11 01:54:15 2019	(r342925)
@@ -1591,12 +1591,10 @@ do {								\
 				break;
 
 			case IPPROTO_CARP:
-				PULLUP_TO(hlen, ulp, struct carp_header);
-				if (((struct carp_header *)ulp)->carp_version !=
-				    CARP_VERSION) 
-					return (IP_FW_DENY);
-				if (((struct carp_header *)ulp)->carp_type !=
-				    CARP_ADVERTISEMENT) 
+				PULLUP_TO(hlen, ulp, offsetof(
+				    struct carp_header, carp_counter));
+				if (CARP_ADVERTISEMENT !=
+				    ((struct carp_header *)ulp)->carp_type)
 					return (IP_FW_DENY);
 				break;
 
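Review bot: the third argument of the new `PULLUP_TO(hlen, ulp, offsetof(` call is a size expression, whereas the removed line passed a type name (`struct carp_header`), which suggests the macro applies sizeof() to that argument. If so, the length pulled up here is sizeof(size_t), not the offset of carp_counter, so it differs between 32-bit and 64-bit builds and only covers the header prefix by coincidence. Please check the macro definition (it is not in this hunk) and, if it does take a type, use a form that accepts a byte length directly. A short comment on the case saying that only the header prefix is pulled up because VRRP shares protocol 112 and may be shorter than a CARP header would also help, since the reason currently lives only in the log message.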


