Date: Fri, 5 Oct 2012 15:01:38 +0200 From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org> To: Gleb Smirnoff <glebius@freebsd.org> Cc: net@freebsd.org Subject: Re: [PATCH] resolve byte order mess in ip_input/ip_output/pfil(9) Message-ID: <CAPBZQG0Z0Hc-DCQoyZGEwLMXB4wSsEZhyoy9zNDuXe8P8LBoQA@mail.gmail.com> In-Reply-To: <20121005114716.GP34622@FreeBSD.org> References: <20121005114716.GP34622@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Gleb, it would be better to switch to net byte order allover rather than trade one for the other. This makes it even more tricky to understand the code than it is. If you do the work its better to do the full thing in one shot and switch to netbyte order. speaking of pf(4) side of things please do not loose the VIMAGE calls! On Fri, Oct 5, 2012 at 1:47 PM, Gleb Smirnoff <glebius@freebsd.org> wrote: > Hello, > > once the pfil(9) API was introduced in FreeBSD, our main packet filter, > the ipfw(4) worked in host byte order, that's why the pfil(9) API was > violated: the AF_INET hooks were entered with packet in host byte order. > > If you look into pfil(9) manpage you'll see that it still declares > opposite :) > > Today, pf(4) and ipfw(4) both are working with net byte order. But > pfil(9) still supplies packet to them in host byte order, contrary > to what API manual says. > > Right now, we have tons of places where byte order is swapped there > and back to resolve this mess: > > - when entering pf > - when entering ipfw > - when calling pfil hooks from enc(4) > - when calling pfil hooks from if_bridge(4) > - in ip_fastfwd.c > > Also, we've got ip_fragment() that accepts packet in host byte > order and emits new ones in net byte order. > > Moreover, when we put packets into the NETISR_IP queue, we put them > in different byte order: those that have M_FASTFWD_OURS flag are in > host byte order, while all others are in net. > > Attached patch does the following: > > - all packets in NETISR_IP queue are in net byte order > - ip_input() is entered in net byte order and converts packet > to host byte order right _after_ processing pfil(9) hooks > - ip_output() is entered in host byte order and converts packet > to net byte order right _before_ processing pfil(9) hooks > - ip_fragment() accepts and emits packet in net byte order > - ip_forward(), ip_mloopback() use host byte order (untouched actually) > - ip_fastforward() no longer modifies packet at all (except ip_ttl) > - swapping of byte order there and back removed from the following modules: > pf(4), ipfw(4), enc(4), if_bridge(4) > - swapping of byte order added to ipfilter(4), based on __FreeBSD_version > - __FreeBSD_version bumped > - manual page updated > > -- > Totus tuus, Glebius. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" -- Ermal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPBZQG0Z0Hc-DCQoyZGEwLMXB4wSsEZhyoy9zNDuXe8P8LBoQA>