Date: Wed, 15 Sep 1999 21:53:24 -0500 (CDT)
From: dphill@inav.net
To: FreeBSD-gnats-submit@freebsd.org
Subject: misc/13771: Packet fragment filter bug in user-land PPP
Message-ID: <199909160253.VAA00754@deanstoy.dphill.inav.net>

>Number: 13771
>Category: misc
>Synopsis: Fragments blocked when they should not be.
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Sep 15 20:30:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Dean M. Phillips
>Release: FreeBSD 3.3-RC i386
>Organization: None Whatsoever!
>Environment:
FreeBSD deanstoy 3.3-RC FreeBSD 3.3-RC #0: Sat Sep 11 09:51:31 CDT 1999 root@deanstoy:/usr/src/sys/compile/DEANSTOY i386
User land PPP - build from sources cvsup'ed on Sep 14 22:40
>Description:
When the input filter is turned on, and large packets are received, the second and following fragments are BLOCKED when they should not be. This caused some DNS lookups to fail. This appears to be due to an inverted return condition in usr.sbin/ppp/ip.c
>How-To-Repeat:
Connect to ISP with PPP (ISP is using Linux in my case). In PPP command window say: "set filter in 0 permit 0/0 0/0" and "set log local TCP/IP". In some other window say: "nslookup search.yahoo.com". Watch second frag. of reply get blocked.
>Fix:
Apply the following patch to:
$FreeBSD: src/usr.sbin/ppp/ip.c,v 1.54.2.5 1999/08/29 15:46:06 peter Exp $
------------------------------ cut here ------------------------------ *** /usr/src/usr.sbin/ppp/ip.c.~1~ Sun Aug 29 10:46:06 1999 --- /usr/src/usr.sbin/ppp/ip.c Tue Sep 14 22:40:39 1999 *************** *** 128,134 **** if (len < (24 >> 3)) /* don't allow fragment to over-write header */ return (1); /* permit fragments on in and out filter */ ! return (filter->fragok); } cproto = gotinfo = estab = syn = finrst = didname = 0; --- 128,134 ---- if (len < (24 >> 3)) /* don't allow fragment to over-write header */ return (1); /* permit fragments on in and out filter */ ! 
return (!filter->fragok); } cproto = gotinfo = estab = syn = finrst = didname = 0; ------------------------------ cut here ------------------------------
Returning true from FilterCheck causes the packet to be blocked. Therefore if filter->fragok is true the packet was blocked.
>Release-Note:
>Audit-Trail:
>Unformatted:
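
Review bot: The comment "/* permit fragments on in and out filter */" directly above the changed return at line 132 does not say that a nonzero return here means "block", which is the polarity the old "return (filter->fragok);" got wrong. The "return (1);" two lines up, used for the header-overwrite case, follows the same nonzero-blocks convention, so the inversion to "!filter->fragok" is consistent with it. Suggest rewording the comment to state the convention explicitly, for example "return 0 (pass) when fragok is set, nonzero (block) otherwise", so the sense of the test is not flipped again by a later edit.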