From owner-freebsd-bugs Wed Sep 15 20:30: 5 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id CF5A5152B5
	for ; Wed, 15 Sep 1999 20:30:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id UAA57441;
	Wed, 15 Sep 1999 20:30:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from soli.inav.net (soli.inav.net [199.120.107.103])
	by hub.freebsd.org (Postfix) with ESMTP id 98A2F15250
	for ; Wed, 15 Sep 1999 20:29:33 -0700 (PDT)
	(envelope-from dphill@inav.net)
Received: from deanstoy.dphill.inav.net (dip306.inav.net [205.160.208.176])
	by soli.inav.net (8.8.7/8.8.7) with ESMTP id WAA06699
	for ; Wed, 15 Sep 1999 22:29:28 -0500
Received: (from dean@localhost)
	by deanstoy.dphill.inav.net (8.9.3/8.9.2) id VAA00754;
	Wed, 15 Sep 1999 21:53:24 -0500 (CDT)
	(envelope-from dean)
Message-Id: <199909160253.VAA00754@deanstoy.dphill.inav.net>
Date: Wed, 15 Sep 1999 21:53:24 -0500 (CDT)
From: dphill@inav.net
Reply-To: dphill@inav.net
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: misc/13771: Packet fragment filter bug in user-land PPP
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number: 13771
>Category: misc
>Synopsis: Fragments blocked when they should not be.
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Sep 15 20:30:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Dean M. Phillips
>Release: FreeBSD 3.3-RC i386
>Organization:
None Whatsoever!
>Environment:
FreeBSD deanstoy 3.3-RC FreeBSD 3.3-RC #0: Sat Sep 11 09:51:31 CDT 1999 root@deanstoy:/usr/src/sys/compile/DEANSTOY i386
User land PPP - build from sources cvsup'ed on Sep 14 22:40

>Description:
When the input filter is turned on, and large packets are received, the second and following fragments are BLOCKED when they should not be. This caused some DNS lookups to fail. This appears to be due to an inverted return condition in usr.sbin/ppp/ip.c.

>How-To-Repeat:
Connect to ISP with PPP (ISP is using Linux in my case). In PPP command window say: "set filter in 0 permit 0/0 0/0" and "set log local TCP/IP". In some other window say: "nslookup search.yahoo.com". Watch second frag. of reply get blocked.

>Fix:
Apply the following patch to: $FreeBSD: src/usr.sbin/ppp/ip.c,v 1.54.2.5 1999/08/29 15:46:06 peter Exp $

------------------------------ cut here ------------------------------
*** /usr/src/usr.sbin/ppp/ip.c.~1~ Sun Aug 29 10:46:06 1999 --- /usr/src/usr.sbin/ppp/ip.c Tue Sep 14 22:40:39 1999 *************** *** 128,134 **** if (len < (24 >> 3)) /* don't allow fragment to over-write header */ return (1); /* permit fragments on in and out filter */ ! return (filter->fragok); } cproto = gotinfo = estab = syn = finrst = didname = 0; --- 128,134 ---- if (len < (24 >> 3)) /* don't allow fragment to over-write header */ return (1); /* permit fragments on in and out filter */ ! return (!filter->fragok); } cproto = gotinfo = estab = syn = finrst = didname = 0;
------------------------------ cut here ------------------------------

Returning true from FilterCheck causes the packet to be blocked. Therefore if filter->fragok is true the packet was blocked.

>Release-Note:
>Audit-Trail:
>Unformatted:
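
Review bot: the changed line `return (!filter->fragok);` in the 128,134 hunk is only correct under the convention that a non-zero return from FilterCheck blocks the packet, and nothing in the visible code states that convention. The existing comment "permit fragments on in and out filter" reads as if the flag itself were being returned as a "permit" result, which is how the original inversion could have gone unnoticed. Suggest extending that comment to say that non-zero means drop and that fragok set therefore yields 0, so the sense is not flipped again later. The preceding `return (1);` under "don't allow fragment to over-write header" is untouched, so that check still drops the packet regardless of fragok; it would help to say so in the same comment, since after this change it is the only check in the visible branch that can block a fragment once fragok is set.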