From owner-freebsd-net Mon Jan 29 9:44:29 2001
Delivered-To: freebsd-net@freebsd.org
Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26])
	by hub.freebsd.org (Postfix) with ESMTP id 5237137B402;
	Mon, 29 Jan 2001 09:44:09 -0800 (PST)
Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30])
	by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id JAA88110;
	Mon, 29 Jan 2001 09:44:08 -0800 (PST)
Received: (from archie@localhost)
	by curve.dellroad.org (8.9.3/8.9.3) id JAA20568;
	Mon, 29 Jan 2001 09:44:07 -0800 (PST)
	(envelope-from archie)
From: Archie Cobbs
Message-Id: <200101291744.JAA20568@curve.dellroad.org>
Subject: Re: ipfw message
In-Reply-To: <20010129105926.B27558@sunbay.com> "from Ruslan Ermilov at Jan 29, 2001 10:59:26 am"
To: Ruslan Ermilov
Date: Mon, 29 Jan 2001 09:44:07 -0800 (PST)
Cc: Alwyn Goodloe, net@FreeBSD.ORG, Archie Cobbs
X-Mailer: ELM [version 2.4ME+ PL77 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Ruslan Ermilov writes:
> I think I have found a bug here. When the ``divert foo ... udp ...'' rule
> has no destination port specification, everything works as documented, i.e.
> all fragments are reassembled and get diverted to the divert(4) to port
> ``foo''. If I add the destination port specification, only the first
> (offset zero) fragment gets diverted:

Yep.. diversion happens before reassembly, but diverted packets are
only delivered after reassembly. So if not all of the fragments are
diverted, the packet is lost because only an incomplete portion of
it gets diverted.

To "fix" this bug would require reassembling *all* (or a large portion
of the) packets passing through the kernel, which is probably not a win.

A workaround is to match conservatively (i.e., match all udp packets)
and have the userland code just reinject any false positives.

-Archie

__________________________________________________________________________
Archie Cobbs * Packet Design * http://www.packetdesign.com
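
Added example (not part of the original message, and not FreeBSD project code): the workaround described above, written as a divert(4) reader in C that does the port match in userland and reinjects everything. It assumes a conservative rule such as `ipfw add divert 4000 udp from any to any`; DIVERT_PORT, SERVICE_PORT, wanted() and sample_pkt are names and values chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

#define DIVERT_PORT  4000   /* assumed: port named in the ipfw divert rule */
#define SERVICE_PORT 5000   /* assumed: UDP destination port actually of interest */

/* Constructed sample: whole IPv4/UDP datagram 10.0.0.1:1234 -> 10.0.0.2:5000, "ping" */
const unsigned char sample_pkt[32] = {
    0x45,0x00,0x00,0x20, 0x00,0x01,0x00,0x00, 0x40,0x11,0x00,0x00,
    10,0,0,1, 10,0,0,2,  0x04,0xd2,0x13,0x88, 0x00,0x0c,0x00,0x00, 'p','i','n','g' };

/* 1 = whole UDP datagram addressed to dport; 0 = false positive, to be reinjected. */
int wanted(const unsigned char *pkt, size_t len, uint16_t dport)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8 || pkt[9] != 17)      /* 17 = UDP */
        return 0;
    if ((((pkt[6] & 0x3f) << 8) | pkt[7]) != 0)         /* MF set or offset != 0 */
        return 0;               /* a lone fragment cannot be judged by port */
    return (uint16_t)((pkt[ihl + 2] << 8) | pkt[ihl + 3]) == dport;
}

#ifdef IPPROTO_DIVERT           /* FreeBSD divert(4) only */
int main(void)
{
    static unsigned char buf[65535];
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(DIVERT_PORT) };
    socklen_t sl;
    ssize_t n;
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    if (s < 0 || bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0)
        return 1;
    for (;;) {
        sl = sizeof(sin);
        n = recvfrom(s, buf, sizeof(buf), 0, (struct sockaddr *)&sin, &sl);
        if (n < 0)
            return 1;
        if (wanted(buf, (size_t)n, SERVICE_PORT))
            fprintf(stderr, "udp/%d datagram, %ld bytes\n", SERVICE_PORT, (long)n);
        /* Reinject with the address recvfrom() returned; this passive example returns matches too. */
        sendto(s, buf, (size_t)n, 0, (struct sockaddr *)&sin, sl);
    }
}
#endif
```

A reader that consumes or rewrites the matching datagrams would skip or alter the sendto() for those, but must still write back every packet for which wanted() returns 0.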