Date: Wed, 30 Sep 2015 20:46:58 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 203459] [ipfw] [patch] userspace/kernel mismatch on checking length of src-ip/dst-ip address lists Message-ID: <bug-203459-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203459 Bug ID: 203459 Summary: [ipfw] [patch] userspace/kernel mismatch on checking length of src-ip/dst-ip address lists Product: Base System Version: 11.0-CURRENT Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: groos@xiplink.com Keywords: patch The ipfw command accepts up to 31 addresses in the address list of a dst-ip or src-ip selector, but the kernel only accepts up to 15. To reproduce: ------------- Hitting the kernel limit: [hub] /root # ipfw add 1 count dst-ip 1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5,1.0.0.6,1.0.0.7,1.0.0.8,1.0.0.9,1.0.0.10,1.0.0.11,1.0.0.12,1.0.0.13,1.0.0.14,1.0.0.15 00001 count ip from any to any dst-ip 1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5,1.0.0.6,1.0.0.7,1.0.0.8,1.0.0.9,1.0.0.10,1.0.0.11,1.0.0.12,1.0.0.13,1.0.0.14,1.0.0.15 [hub] /root # ipfw add 1 count dst-ip 1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5,1.0.0.6,1.0.0.7,1.0.0.8,1.0.0.9,1.0.0.10,1.0.0.11,1.0.0.12,1.0.0.13,1.0.0.14,1.0.0.15,1.0.0.16 ipfw: getsockopt(IP_FW_ADD): Invalid argument [hub] /root # dmesg|grep ipfw ipfw: opcode 6 size 33 wrong Hitting the ipfw command limit: [hub] /root # ipfw add 1 count dst-ip 1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5,1.0.0.6,1.0.0.7,1.0.0.8,1.0.0.9,1.0.0.10,1.0.0.11,1.0.0.12,1.0.0.13,1.0.0.14,1.0.0.15,1.0.0.16,1.0.0.17,1.0.0.18,1.0.0.19,1.0.0.20,1.0.0.21,1.0.0.22,1.0.0.23,1.0.0.24,1.0.0.25,1.0.0.26,1.0.0.27,1.0.0.28,1.0.0.29,1.0.0.30,1.0.0.31 ipfw: getsockopt(IP_FW_ADD): Invalid argument [hub] /root # ipfw add 1 count dst-ip 1.0.0.1,1.0.0.2,1.0.0.3,1.0.0.4,1.0.0.5,1.0.0.6,1.0.0.7,1.0.0.8,1.0.0.9,1.0.0.10,1.0.0.11,1.0.0.12,1.0.0.13,1.0.0.14,1.0.0.15,1.0.0.16,1.0.0.17,1.0.0.18,1.0.0.19,1.0.0.20,1.0.0.21,1.0.0.22,1.0.0.23,1.0.0.24,1.0.0.25,1.0.0.26,1.0.0.27,1.0.0.28,1.0.0.29,1.0.0.30,1.0.0.31,1.0.0.32 ipfw: address list too long Patch: ------ The following seems to fix it: diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c index ef1ff6c..358bcf9 100644 --- a/sys/netpfil/ipfw/ip_fw_sockopt.c +++ b/sys/netpfil/ipfw/ip_fw_sockopt.c @@ -1515,7 +1515,7 @@ check_ipfw_rule_body(ipfw_insn *cmd, int cmd_len, struct rule_check_info *ci) case O_IP_SRC_MASK: case O_IP_DST_MASK: /* only odd command lengths */ - if ( !(cmdlen & 1) || cmdlen > 31) + if ( !(cmdlen & 1) ) goto bad_size; break; It looks like that '31' might be an artificial limit. The fix allows longer lists to be loaded and they do select packets correctly as expected. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-203459-8>