Date: Sat, 11 Mar 2000 09:08:26 -0800 (PST) From: spock@techfour.net To: freebsd-gnats-submit@FreeBSD.org Subject: kern/17319: [PATCH] ipfw logs ICMP and unknown packets, with same src and dest address Message-ID: <200003111708.JAA63271@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 17319
>Category: kern
>Synopsis: [PATCH] ipfw logs ICMP and unknown packets, with same src and dest address
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 11 09:10:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Mike Heffner
>Release: 4.0-current
>Organization:
>Environment:
FreeBSD 4.0-CURRENT #5: Thu Mar 9 20:50:50 EST 2000
>Description:
ipfirewall will log packets that are ICMP or unknown ipproto with the
same source and destination address. For example:
/kernel: ipfw: 271 Deny ICMP:8.0 205.156.51.204 205.156.51.204 in via ed1
/kernel: ipfw: 271 Deny ICMP:8.0 205.156.51.204 205.156.51.204 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1
>How-To-Repeat:
have ipfw log icmp packets and/or unknown ipproto packets
>Fix:
The problem is due to incorrect use of inet_ntoa(3).
[sorry, patch might have whitespace errors]
Index: sys/netinet/ip_fw.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fw.c,v
retrieving revision 1.131
diff -u -r1.131 ip_fw.c
--- ip_fw.c 2000/02/29 17:51:25 1.131
+++ ip_fw.c 2000/03/10 20:04:13
@@ -464,7 +464,6 @@
}
}
- len = 0;
switch (ip->ip_p) {
case IPPROTO_TCP:
len = snprintf(SNPARGS(proto, 0), "TCP %s",
@@ -500,12 +499,13 @@
icmp->icmp_type, icmp->icmp_code);
else
len = snprintf(SNPARGS(proto, 0), "ICMP ");
- snprintf(SNPARGS(proto, len), "%s %s", inet_ntoa(ip->ip_src),
- inet_ntoa(ip->ip_dst));
+ len += snprintf(SNPARGS(proto, len), "%s", inet_ntoa(ip->ip_src));
+ snprintf(SNPARGS(proto, len), " %s", inet_ntoa(ip->ip_dst));
break;
default:
- snprintf(SNPARGS(proto, 0), "P:%d %s %s", ip->ip_p,
- inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst));
+ len = snprintf(SNPARGS(proto, 0), "P:%d %s", ip->ip_p,
+ inet_ntoa(ip->ip_src));
+ snprintf(SNPARGS(proto, len), " %s", inet_ntoa(ip->ip_dst));
break;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003111708.JAA63271>