Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 21 Jan 2001 21:25:25 +0100 (CET)
From:      Jesper Skriver <jesper@skriver.dk>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/24512: Sent ICMP unreach when packet not for us is received, and forwarding is disabled
Message-ID:  <200101212025.f0LKPPB00717@tam.skriver.dk>
next in thread | raw e-mail | index | archive | help 


>Number:         24512
>Category:       kern
>Synopsis:       Sent ICMP unreach when packet not for us is received, and forwarding is disabled
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 21 12:30:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Jesper Skriver <jesper@skriver.dk>
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD tam 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Sun Jan 21 20:46:42 CET 2001 root@tam:/usr/obj/usr/src/sys/TAM2 i386


	
>Description:

	Sent a ICMP unreachable instead of dropping it silent, if we receive a 
packet not for us, and forwarding disabled.

>How-To-Repeat:
	
>Fix:

	Apply this diff

--- sys/netinet/ip_input.c.old	Sun Jan 21 19:09:58 2001
+++ sys/netinet/ip_input.c	Sun Jan 21 20:39:39 2001
@@ -124,6 +124,10 @@
 	&ip_keepfaith,	0,
 	"Enable packet capture for FAITH IPv4->IPv6 translater daemon");
 
+int	ip_sent_unreach = 1;
+SYSCTL_INT(_net_inet_ip, OID_AUTO, sent_unreach, CTLFLAG_RW, &ip_sent_unreach, 
+	0, "Sent ICMP unreach when packet not for us rx, and forwarding disabled");
+
 #ifdef DIAGNOSTIC
 static int	ipprintfs = 0;
 #endif
@@ -575,7 +579,14 @@
 	 */
 	if (ipforwarding == 0) {
 		ipstat.ips_cantforward++;
-		m_freem(m);
+		/*
+		 * If we receive a packet not for us, and forwarding disabled
+		 * sent a ICMP host unreachable back to the source.
+		 */
+		if (ip_sent_unreach != 0)
+			icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0);
+		else
+			m_freem(m);
 	} else
 		ip_forward(m, 0);
 #ifdef IPFIREWALL_FORWARD

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101212025.f0LKPPB00717>