From: Matus Harvan
To: "Bruce M. Simpson"
Cc: freebsd-net@FreeBSD.org, Brooks Davis, Max Laier
Date: Wed, 31 Oct 2007 02:15:16 +0100
Subject: Re: UDP catchall

On Mon, Oct 29, 2007 at 07:49:47PM +0000, Bruce M. Simpson wrote:
> Brooks Davis wrote:
>> While I think this idea has some merit, I think we specifically want
>> the current wildcard ability to allow for a system that requires
>> minimal configuration. The problem with a range is that it doesn't
>> allow disjoint sets and it requires that if you really do want all the
>> ports you need to produce a list of currently allocated ports to avoid
>> allocating. A more (over)engineered solution holds some attraction, but
>> I'm not yet convinced the fact that it could exist precludes the current
>> implementation.
>
> Actually I concur with you on this point, based solely on the disjoint sets
> point.
>
> Another vector of attack would be to put the relay functionality into PF,
> which can do the packet matching. However this of course suffers from the
> problem that if you just want a plain old UDP socket for mtund, you won't
> get that unless you go to the inpcb layer anyway.
>
> But who says mtund needs to use sockets for its traffic relay? There is
> definite appeal in *not* doing it in the socket layer at all -- an
> adaptation of pf's log socket may suffice...

My initial understanding of a raw IP socket was that I could simply
receive any packet for a particular protocol. This almost works for
ICMP, but TCP and UDP don't seem to be supported. Hence, I have
perceived the patch also as a natural extension of the idea of a raw
IP socket for the UDP protocol.

Matus