From owner-freebsd-net@FreeBSD.ORG Fri Oct 5 13:01:41 2012 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3C71A1065672; Fri, 5 Oct 2012 13:01:41 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 4B6B08FC08; Fri, 5 Oct 2012 13:01:39 +0000 (UTC) Received: by mail-bk0-f54.google.com with SMTP id jf20so924945bkc.13 for ; Fri, 05 Oct 2012 06:01:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=gRsTi2fZ1kK/d7FTfsTjQfWH6mE9nINVPoIKDiSfGJI=; b=WiK/rY/hwxYuTsEkvjmpAKWPYUstcbYj7sBP+7yTqreluiaeAGX9v6LxuTnH/UaNEL //eqCrLdxz7jUjEG6vmwKklWmag9QZamsMEdsRcHsOUIsRJCTk3T2eRhgVxZWMHwJhRf oooVPZJT/T2EDOFd81F5YA/7JO/y+iz2hB/xWpf41BJCOqf40iiZ+UsJUiZXOkZynX2x MtCy1HjRb83MirzZbtZS7DXeP5+5RfzEkK/MF2HRvDoSdzbB8S3trYqgjgqppR+vkNpQ JQAsSNLkEu5vcPtIpEsia0Gzsld014UoijEJ5i+fW/SYF3YSCFbv6zVD3xXC2Vs6IkwD bQ4g== MIME-Version: 1.0 Received: by 10.205.127.146 with SMTP id ha18mr2819402bkc.130.1349442099017; Fri, 05 Oct 2012 06:01:39 -0700 (PDT) Sender: ermal.luci@gmail.com Received: by 10.204.143.148 with HTTP; Fri, 5 Oct 2012 06:01:38 -0700 (PDT) In-Reply-To: <20121005114716.GP34622@FreeBSD.org> References: <20121005114716.GP34622@FreeBSD.org> Date: Fri, 5 Oct 2012 15:01:38 +0200 X-Google-Sender-Auth: kNi2zcKFCTM54C3qfmtp5ynnzfc Message-ID: From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Gleb Smirnoff Content-Type: text/plain; charset=ISO-8859-1 Cc: net@freebsd.org Subject: Re: [PATCH] resolve byte order mess in ip_input/ip_output/pfil(9) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Oct 2012 13:01:41 -0000 Hello Gleb, it would be better to switch to net byte order allover rather than trade one for the other. This makes it even more tricky to understand the code than it is. If you do the work its better to do the full thing in one shot and switch to netbyte order. speaking of pf(4) side of things please do not loose the VIMAGE calls! On Fri, Oct 5, 2012 at 1:47 PM, Gleb Smirnoff wrote: > Hello, > > once the pfil(9) API was introduced in FreeBSD, our main packet filter, > the ipfw(4) worked in host byte order, that's why the pfil(9) API was > violated: the AF_INET hooks were entered with packet in host byte order. > > If you look into pfil(9) manpage you'll see that it still declares > opposite :) > > Today, pf(4) and ipfw(4) both are working with net byte order. But > pfil(9) still supplies packet to them in host byte order, contrary > to what API manual says. > > Right now, we have tons of places where byte order is swapped there > and back to resolve this mess: > > - when entering pf > - when entering ipfw > - when calling pfil hooks from enc(4) > - when calling pfil hooks from if_bridge(4) > - in ip_fastfwd.c > > Also, we've got ip_fragment() that accepts packet in host byte > order and emits new ones in net byte order. > > Moreover, when we put packets into the NETISR_IP queue, we put them > in different byte order: those that have M_FASTFWD_OURS flag are in > host byte order, while all others are in net. > > Attached patch does the following: > > - all packets in NETISR_IP queue are in net byte order > - ip_input() is entered in net byte order and converts packet > to host byte order right _after_ processing pfil(9) hooks > - ip_output() is entered in host byte order and converts packet > to net byte order right _before_ processing pfil(9) hooks > - ip_fragment() accepts and emits packet in net byte order > - ip_forward(), ip_mloopback() use host byte order (untouched actually) > - ip_fastforward() no longer modifies packet at all (except ip_ttl) > - swapping of byte order there and back removed from the following modules: > pf(4), ipfw(4), enc(4), if_bridge(4) > - swapping of byte order added to ipfilter(4), based on __FreeBSD_version > - __FreeBSD_version bumped > - manual page updated > > -- > Totus tuus, Glebius. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" -- Ermal