From owner-freebsd-hackers Thu Jun 17 3:44:37 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from mailer.syr.edu (mailer.syr.edu [128.230.18.29]) by hub.freebsd.org (Postfix) with ESMTP id D804915337 for ; Thu, 17 Jun 1999 03:44:35 -0700 (PDT) (envelope-from cmsedore@mailbox.syr.edu) Received: from rodan.syr.edu by mailer.syr.edu (LSMTP for Windows NT v1.1a) with SMTP id <0.DE8DCDC0@mailer.syr.edu>; Thu, 17 Jun 1999 6:44:38 -0400 Received: from localhost (cmsedore@localhost) by rodan.syr.edu (8.8.7/8.8.7) with ESMTP id GAA29879; Thu, 17 Jun 1999 06:44:33 -0400 (EDT) X-Authentication-Warning: rodan.syr.edu: cmsedore owned process doing -bs Date: Thu, 17 Jun 1999 06:44:33 -0400 (EDT) From: Christopher Sedore X-Sender: cmsedore@rodan.syr.edu To: brooks@one-eyed-alien.net Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: changes to ether_output() In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 16 Jun 1999 brooks@one-eyed-alien.net wrote: > Hi, > > I've been doing some work which caused me to want to write a simple > userland bridging/filtering program (don't ask ;-). The easy way to do it > seemed to be to use BPF to read and write the packets one each side. I > wrote something up in a few hundred lines of code which worked (mostly) as > long as no one did much broadcast and I threw away multicast packets. > After some searching I found a refrence in libnet (ports/net/libnet) which > said the problem was that while BPF takes a whole packet and claims to > write it to the wire, it actually ignores the source address and uses the > one assigned to the card. They had an LKM which fixed the problem, but it > was based on a mid-1997 version of net/if_ethersubr.c from 2.2.x and had a > number of things commented out that probably shouldn't have been. > > I've taken the key lines from the LKM and produced a patch which adds > optional support for for spoofing the source address of certain ethernet > packets. It's a compile time option and is controled by a sysctl which > defaults to off and doesn't work in secure mode. The patch is included > below. The diff is against 3.2-STABLE as of a couple weeks ago and it > looks like part of it may have to be applyed by hand on -current. > > Please let me know what you think. I filed a kernel bug report about this early this year. This is a bug in the BPF implementation on FreeBSD (at least this was the consensus of those who reacted when I posted about it). If you look in the gnats pages you'll find my report and a patch to fix bpf. I don't remember the code well enough to envision what your patch does, but you might want to look over mine just to see what I did (it didn't look to me like you fixed bpf, but maybe I'm missing that). -Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message