From owner-freebsd-net Thu Feb 22 19:21:31 2001
Delivered-To: freebsd-net@freebsd.org
Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9])
	by hub.freebsd.org (Postfix) with ESMTP id 0E5AB37B401
	for ; Thu, 22 Feb 2001 19:21:28 -0800 (PST)
	(envelope-from jlemon@flugsvamp.com)
Received: (from jlemon@localhost)
	by prism.flugsvamp.com (8.11.0/8.11.0) id f1N3Kiq58098;
	Thu, 22 Feb 2001 21:20:44 -0600 (CST)
	(envelope-from jlemon)
Date: Thu, 22 Feb 2001 21:20:44 -0600
From: Jonathan Lemon
To: Jesper Skriver
Cc: Jonathan Lemon , net@freebsd.org
Subject: Re: ICMP unreachables, take II.
Message-ID: <20010222212044.H5714@prism.flugsvamp.com>
References: <20010222185412.E5714@prism.flugsvamp.com> <20010223034952.A6694@skriver.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre2i
In-Reply-To: <20010223034952.A6694@skriver.dk>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Feb 23, 2001 at 03:49:52AM +0100, Jesper Skriver wrote:
>
> I still think we should react to the following as a minimum
> - type 3 code 0 net unreachable
> - type 3 code 1 host unreachable

RFC 1122, Section 4.2.3.9 says:

    o    Destination Unreachable -- codes 0, 1, 5

         Since these Unreachable messages indicate soft error
         conditions, TCP MUST NOT abort the connection, and it
         SHOULD make the information available to the
         application.

I think that these should be transients.

> Perhaps you could keep some of the comment ...

Hmm, yeah, I was probably a little too overzealous with the axe there.

> > if (cmd == PRC_QUENCH)
> > notify = tcp_quench;
> > - else if ((icmp_unreach_like_rst == 1) && ((cmd == PRC_UNREACH_HOST) ||
> > - (cmd == PRC_UNREACH_ADMIN_PROHIB)) && (ip) &&
> > - ((IP_VHL_HL(ip->ip_vhl) << 2) == sizeof(struct ip))) {
>
> Sure we'll not try to read off the end of the received packet, when we
> remove the check for the header length.
>
> I put it there as an extra check against "attackers" sending us malformed
> ICMP messages with only part of the attached IP header, or even without
> it.

Yup, but if you examine icmp_input, which calls this code, it has
already verified that there are a full 8 bytes of the TCP packet in
existence; if this is not the case, icmp_input will drop the packet.
--
Jonathan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
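
Review bot: The three removed `else if` lines drop two safety tests along with the sysctl and command match: the `(ip)` non-NULL test and the `(IP_VHL_HL(ip->ip_vhl) << 2) == sizeof(struct ip)` header-length comparison. If the code that replaces this branch still dereferences `ip`, or finds the TCP header at a fixed offset of sizeof(struct ip), it should keep the NULL test and derive the offset from `IP_VHL_HL(ip->ip_vhl) << 2`. In either case, a short comment naming icmp_input as the place where the quoted header and the 8 bytes after it are validated would keep that invariant documented at the point of use.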
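
An added example (not FreeBSD's icmp_input and not code from this thread): a standalone C sketch of the two points discussed above, checking that the quoted IP header and the 8 bytes after it are really present before anything reads them, and treating codes 0, 1 and 5 as soft errors per RFC 1122. The function, enum and macro names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Added illustration; every name below is hypothetical, not FreeBSD's. */
enum unreach_action { UNREACH_DROP, UNREACH_SOFT, UNREACH_OTHER };

#define ICMP_HDR_LEN   8	/* type, code, checksum, 4 further bytes */
#define IP_MIN_HDR_LEN 20
#define L4_QUOTE_LEN   8	/* bytes of the original datagram's payload */

/*
 * icmp points at the ICMP header of a received message and len is the
 * number of bytes from there to the end of the packet.  On success,
 * *l4_off is the offset of the quoted transport header within icmp[].
 */
enum unreach_action
classify_unreach(const uint8_t *icmp, size_t len, size_t *l4_off)
{
	/* Too short to hold even an option-less quoted header, or not type 3. */
	if (len < ICMP_HDR_LEN + IP_MIN_HDR_LEN || icmp[0] != 3)
		return UNREACH_DROP;

	const uint8_t *ip = icmp + ICMP_HDR_LEN;
	/* Header length comes from the packet, never from sizeof(struct ip). */
	size_t hlen = (size_t)(ip[0] & 0x0f) << 2;

	if ((ip[0] >> 4) != 4 || hlen < IP_MIN_HDR_LEN)
		return UNREACH_DROP;
	/* The quoted header, options included, plus 8 bytes must be present. */
	if (len - ICMP_HDR_LEN < hlen + L4_QUOTE_LEN)
		return UNREACH_DROP;

	*l4_off = ICMP_HDR_LEN + hlen;
	switch (icmp[1]) {
	case 0: case 1: case 5:		/* RFC 1122 4.2.3.9: soft errors */
		return UNREACH_SOFT;
	default:			/* left to the caller's policy */
		return UNREACH_OTHER;
	}
}
```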