Date: Thu, 15 Jan 2004 21:13:49 +0100
From: Andre Oppermann <andre@freebsd.org>
To: David Gilbert <dgilbert@dclg.ca>
Cc: freebsd-current@freebsd.org
Subject: Re: kern/61215: off-by-one error likely in ip_fragment()
Message-ID: <4006F47D.592D4CF1@freebsd.org>
References: <40055744.5030607@freebsd.org> <16390.61995.829098.247043@canoe.dclg.ca>

David Gilbert wrote:
>
> >>>>> "Andre" == Andre Oppermann <andre@freebsd.org> writes:
>
> Andre> David, the problem with if_gre is actually twofold:
>
> Andre> - the change of htons(m->m_pkthdr.len) in the last commit to
> Andre> that file is incorrect. In FreeBSD this is done in ip_output
> Andre> for all packets sent (unless RAW).
>
> Andre> - The struct ip which is contained in struct gh is not
> Andre> correctly initialized. For some reason this didn't matter until
> Andre> now. It seems M_PREPREND may return non-zeroed memory.
>
> Andre> There is no problem in either ip_fragment() or m_copym() (and
> Andre> the 'fix' I posted is bogus, however some of those KASSERTs are
> Andre> highly bogus too and misleading).
>
> Andre> Please try the attached patch. I was able to get correct GRE
> Andre> packets with that patch (as seen by ethereal).
>
> Andre> I'm not sure if it is better to do a bzero() on the entire
> Andre> struct gh to have all ip header values set to zero for sure.
> Andre> There are still some that are uninitialized.
>
> I'm not sure what's up. Your patch wouldn't apply to v1.17 of my
> if_gre.c, so something's wrong with the patch. Regardless, I applied
> the patch by hand and things didn't work yet.

Didn't it apply because of patch complaining or because it didn't match
at all?

> The kernel didn't crash, but packets routed into the tunnel didn't
> show up on the outbound interface. In my case, the machine has three
> ethernet-like interfaces and the gre.
>
> wi0 and sis0 are internal networks. dc0 is the external network
> interface. A /32 route for the far end of the tunnel exists (and
> works on the new kernel ... it pings), but pings into the tunnel don't
> generate traffic on dc0 (at least according to tcpdump).

Do you enable "link1" on your GRE interface? What does ifconfig -a show?

--
Andre