Date: Thu, 24 Aug 2000 13:04:21 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: "David G. Andersen" <dga@pobox.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Blackhat Firewall-1 Codes Message-ID: <20000824130421.A59226@149.211.6.64.reflexcom.com> In-Reply-To: <200008230639.AAA04483@faith.cs.utah.edu>; from dga@pobox.com on Wed, Aug 23, 2000 at 12:39:52AM -0600 References: <20000822233432.K28027@149.211.6.64.reflexcom.com> <200008230639.AAA04483@faith.cs.utah.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 23, 2000 at 12:39:52AM -0600, David G. Andersen wrote: > Without looking at all at the code, but speaking from having ported > numerous of these things to FreeBSD, I'll hazard a few guesses: > > - differing levels of "rawness" between BSD and Linux; > BSD raw sockets perform an htons() on the ip_len, ip_off, > and ip_tos fields. > > - set sin_len in your struct sockaddr_in; not all systems > have this field. > > - set IP_HDRINCLUDE and other friends when opening the raw socket, > if they're not already. > > Happy porting. Hmmm.. Is this just FreeBSD as opposed to a *BSD thing? The authors claim the codes were "developed and tested on OpenBSD and Linux." > Lo and behold, Crist J . Clark once said: > > > > > > I have been trying to get the 'fw1tun' codes to run under FreeBSD. I > > have been getting, > > > > $ ./icmp [args] > > sendto: Invalid argument > > > > Oh, just for the record, I am trying to see if some firewalls we have > > (ones not on the Internet, so no games from any kids out there) can be > > exploited. > > -- > > Crist J. Clark cjclark@alum.mit.com > > > -- > work: dga@lcs.mit.edu me: dga@pobox.com > MIT Laboratory for Computer Science http://www.angio.net/ -- Crist J. Clark cjclark@alum.mit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000824130421.A59226>