From owner-freebsd-net@FreeBSD.ORG Tue Jun 5 18:24:24 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 508F61065687 for ; Tue, 5 Jun 2012 18:24:24 +0000 (UTC) (envelope-from darrenr@freebsd.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 1A3988FC16 for ; Tue, 5 Jun 2012 18:24:24 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id B7AB920E07 for ; Tue, 5 Jun 2012 14:24:23 -0400 (EDT) Received: from frontend1.nyi.mail.srv.osa ([10.202.2.160]) by compute3.internal (MEProxy); Tue, 05 Jun 2012 14:24:23 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:reply-to :mime-version:to:subject:content-type:content-transfer-encoding; s=smtpout; bh=gGSEQwF8YZp4K5r29vP3LH3/1Ic=; b=dF2z2Utrxs0CqtWcM 8YM+Oxtg9YkLRAFEa6HoLk2yTWf19LMxqj/G8a4bhVbcVTGaEM8wN4/BePoDura5 TGv/rd/W45jF7EK+0TDoIUUVo9jRFF0Jk/DDjRcZDQJma7Dab4rIyiGj7Vb5FAR0 xOTB9tc9P2DwfAfOdGu7szficQ= X-Sasl-enc: nZMZFmfQ04H1zB3+cllL6rM3/eRu9cHXeYXuQdgguQaK 1338920663 Received: from [192.168.1.124] (unknown [202.45.110.141]) by mail.messagingengine.com (Postfix) with ESMTPA id 164BE8E0187 for ; Tue, 5 Jun 2012 14:24:22 -0400 (EDT) Message-ID: <4FCE4F4B.3020300@freebsd.org> Date: Wed, 06 Jun 2012 04:26:19 +1000 From: Darren Reed Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: pfil invariant proposal: mbuf begins with contiguous IP header X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: darrenr@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jun 2012 18:24:24 -0000 > Quoting from pfil(9) > > When a filter is invoked, the packet appears just as if it ``came off the > wire''. That is, all protocol fields are in network byte order. [...] pfil(9) is already out of date with respect to FreeBSD as FreeBSD passes both ip_len and ip_off through in host byte order. As you noted, pf is confused by this elsewhere and tries to do a m_copym of an incorrect byte count. > This should be extended to include the guarantee that the mbuf begins > with a contiguous IP header, i.e. mtod(*mp, struct ip *) may be used to > access all IP header fields. For the present, this is a sensible addition but long term, I think the pfil interface needs to advance to supporting the mbuf where the packet data starts being in a different mbuf to that which is the start of the packet. Darren