From: "Andrey V. Elsukov"
Date: Fri, 18 Jan 2019 09:54:28 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject: svn commit: r343141 - stable/12/sys/netpfil/ipfw

Author: ae
Date: Fri Jan 18 09:54:28 2019
New Revision: 343141
URL: https://svnweb.freebsd.org/changeset/base/343141

Log:
  MFC r342925:
    Relax requirement to packet size of CARP protocol and remove version check.

    CARP shares protocol number 112 with VRRP (RFC 5798). And the size of
    VRRP packet may be smaller than CARP. ipfw_chk() does m_pullup() to at
    least sizeof(struct carp_header) and can fail when packet is VRRP. This
    leads to packet drop and message about failed pullup attempt.
    Also, RFC 5798 defines version 3 of VRRP protocol, this version number
    is also unsupported by CARP and such check leads to packet drop.

    carp_input() does its own checks for protocol version and packet size,
    so we can remove these checks to be able to pass VRRP packets.

PR: 234207 Modified: stable/12/sys/netpfil/ipfw/ip_fw2.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- stable/12/sys/netpfil/ipfw/ip_fw2.c Fri Jan 18 09:41:17 2019 (r343140) +++ stable/12/sys/netpfil/ipfw/ip_fw2.c Fri Jan 18 09:54:28 2019 (r343141) @@ -1597,12 +1597,10 @@ do { \ break; case IPPROTO_CARP: - PULLUP_TO(hlen, ulp, struct carp_header); - if (((struct carp_header *)ulp)->carp_version != - CARP_VERSION) - return (IP_FW_DENY); - if (((struct carp_header *)ulp)->carp_type != - CARP_ADVERTISEMENT) + PULLUP_TO(hlen, ulp, offsetof( + struct carp_header, carp_counter)); + if (CARP_ADVERTISEMENT != + ((struct carp_header *)ulp)->carp_type) return (IP_FW_DENY); break;
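
Review bot: The PULLUP_TO length in the IPPROTO_CARP case, offsetof(struct carp_header, carp_counter), carries no comment saying why the pullup stops at carp_counter, and the code still casts ulp to struct carp_header * although only the bytes before carp_counter are now guaranteed to be contiguous. A short comment above the PULLUP_TO stating that protocol 112 is shared with VRRP, that VRRP packets can be shorter than struct carp_header, and that carp_input() performs the version and full-length checks would keep a later change from reading carp_counter or any field after it at this point. The retained carp_type test also still returns IP_FW_DENY for any protocol 112 packet whose type field is not CARP_ADVERTISEMENT, so the comment should say that this is intended for VRRP traffic as well. As a style point, the operands of that comparison were swapped to put the constant first (CARP_ADVERTISEMENT != ...), which differs from the removed lines; keeping the original operand order would make the diff smaller and easier to audit.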