From: David Gilbert
Date: Thu, 15 Jan 2004 15:03:55 -0500
To: Andre Oppermann
Cc: freebsd-net@freebsd.org, freebsd-gnats-submit@FreeBSD.org, freebsd-current@freebsd.org, dgilbert@dclg.ca
Subject: Re: kern/61215: off-by-one error likely in ip_fragment()
Message-ID: <16390.61995.829098.247043@canoe.dclg.ca>
In-Reply-To: <40055744.5030607@freebsd.org>

>>>>> "Andre" == Andre Oppermann writes:

Andre> David, the problem with if_gre is actually twofold:

Andre> - the change of htons(m->m_pkthdr.len) in the last commit to
Andre>   that file is incorrect. In FreeBSD this is done in ip_output
Andre>   for all packets sent (unless RAW).

Andre> - The struct ip which is contained in struct gh is not
Andre>   correctly initialized. For some reason this didn't matter until
Andre>   now. It seems M_PREPREND may return non-zeroed memory.
Andre> There is no problem in either ip_fragment() or m_copym() (and
Andre> the 'fix' I posted is bogus, however some of those KASSERTs are
Andre> highly bogus too and misleading).

Andre> Please try the attached patch. I was able to get correct GRE
Andre> packets with that patch (as seen by ethereal).

Andre> I'm not sure if it is better to do a bzero() on the entire
Andre> struct gh to have all ip header values set to zero for sure.
Andre> There are still some that are uninitialized.

I'm not sure what's up. Your patch wouldn't apply to v1.17 of my
if_gre.c, so something's wrong with the patch. Regardless, I applied
the patch by hand and things didn't work yet. The kernel didn't crash,
but packets routed into the tunnel didn't show up on the outbound
interface.

In my case, the machine has three ethernet-like interfaces and the
gre. wi0 and sis0 are internal networks. dc0 is the external network
interface. A /32 route for the far end of the tunnel exists (and works
on the new kernel ... it pings), but pings into the tunnel don't
generate traffic on dc0 (at least according to tcpdump).

Dave.

--
============================================================================
|David Gilbert, Independent Contractor.       | Two things can only be     |
|Mail:       dave@daveg.ca                    | equal if and only if they  |
|http://daveg.ca                              | are precisely opposite.    |
=========================================================GLO================
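
An added illustration, not code from this thread or from FreeBSD's if_gre.c, of the second point in the quoted message: a prepended header that is only partly filled in keeps whatever bytes the memory held before. `struct demo_ip`, the 0xA5 filler, the addresses and the function names are constructed stand-ins, and the non-zeroed buffer is an assumption taken from the quoted message's suspicion about the mbuf prepend.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified 20-byte IP header for illustration; not FreeBSD's struct ip. */
struct demo_ip {
    uint8_t  vhl, tos;
    uint16_t len, id, off;
    uint8_t  ttl, proto;
    uint16_t sum;
    uint32_t src, dst;
};
#define STALE 0xA5 /* constructed filler standing in for recycled memory */

/* Set only the fields a tunnel encapsulator needs; clear first if asked. */
static void fill_outer_header(struct demo_ip *ip, uint16_t len, int zero_first)
{
    if (zero_first)
        memset(ip, 0, sizeof(*ip));
    ip->vhl = 0x45;
    ip->len = len;               /* left in host order for the output path */
    ip->ttl = 64;
    ip->proto = 47;              /* GRE */
    ip->src = htonl(0x0a000001); /* constructed addresses */
    ip->dst = htonl(0x0a000002);
}

/* Count header bytes still holding the filler after the header is built. */
int stale_header_bytes(int zero_first)
{
    struct demo_ip ip;
    const unsigned char *p = (const unsigned char *)&ip;
    int n = 0;
    memset(&ip, STALE, sizeof(ip)); /* simulate non-zeroed prepended space */
    fill_outer_header(&ip, 84, zero_first);
    for (size_t i = 0; i < sizeof(ip); i++)
        n += (p[i] == STALE);
    return n;
}

int main(void)
{
    printf("stale bytes without zeroing: %d\n", stale_header_bytes(0));
    printf("stale bytes with zeroing:    %d\n", stale_header_bytes(1));
    return 0;
}
```

The bytes left over in the unzeroed case are the tos, id, off and sum fields, which is why clearing the whole header before assigning fields is the safer pattern.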