From owner-freebsd-ipfw@FreeBSD.ORG Wed Mar 9 14:47:45 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED3D9106564A for ; Wed, 9 Mar 2011 14:47:44 +0000 (UTC) (envelope-from f.invernizzi@libero.it) Received: from cp-out3.libero.it (cp-out3.libero.it [212.52.84.103]) by mx1.freebsd.org (Postfix) with ESMTP id 8168F8FC0C for ; Wed, 9 Mar 2011 14:47:44 +0000 (UTC) X-CTCH-Spam: Unknown X-CTCH-RefID: str=0001.0A0B020B.4D779085.0246,ss=1,re=0.000,fgs=0 X-libjamoibt: 1419 Received: from wmail21 (172.31.0.73) by cp-out3.libero.it (8.5.133) (authenticated as f.invernizzi@libero.it) id 4D10BEAD05B84C15 for freebsd-ipfw@freebsd.org; Wed, 9 Mar 2011 15:36:53 +0100 Message-ID: <9582756.65231299681413563.JavaMail.root@wmail21> Date: Wed, 9 Mar 2011 15:36:53 +0100 (CET) From: "f.invernizzi@libero.it" To: freebsd-ipfw@freebsd.org MIME-Version: 1.0 Content-Type: text/plain;charset="UTF-8" Content-Transfer-Encoding: 7bit X-SenderIP: 87.9.225.208 Subject: Generating a packet from IPvw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "f.invernizzi@libero.it" List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Mar 2011 14:47:45 -0000 Hi all i am trying to do something quite odd with the IPfw (FreeSD 8.1@AMD64) for a particular system i am trying to build. The idea is that whenever a dynamic rule is UNLINKED from the IPfw linked list, i want a fake packet to be generated and sent by the firewall. In a quite simple configuration I had sucesfully done, using ip_output to send a on-the-fly generated packet, and added a call to my function in the UNLINK_DYN_RULE macro (ip_fw_dynamic.c ). It looks something like: #define UNLINK_DYN_RULE(prev, head, q) { \ ipfw_dyn_rule *old_q = q; \ /* Fabrizio */ \ ipfw_send_sv_pkt(q); \ where ipfw_send_sv_pkt(q) is ipfw_send_sv_pkt(struct _ipfw_dyn_rule *rule) { #ifndef __FreeBSD__ return ; #else struct mbuf *m; int len; struct ip *h = NULL; struct tcphdr *th = NULL; char *payload = NULL; /* Payload */ char buf[DATI_SV_MAX_PAYLOAD]=""; /* payload */ struct ipfw_flow_id *id = &(rule->id); /* Flow id */ // Payload sprintf(buf,"%4s%4s%12li%12li",DATI_MAGIC_STRING,DATI_SV_VERSION,rule->pcnt, rule->bcnt); /* Alloca un Mbuf, non aspetta se no c'e' spazio, di tipo dati dinamici */ MGETHDR(m, M_DONTWAIT, MT_DATA); if (m == NULL) return ; M_SETFIB(m, id->fib); len = sizeof(struct ip) + sizeof(struct tcphdr) + sizeof(buf); // To be sure it fits in mbuf data space if (len > DATI_SV_MAX_PAYLOAD){ m_freem(m); return; } m->m_data += max_linkhdr; m->m_flags |= M_SKIP_FIREWALL; m->m_pkthdr.len = m->m_len = len; m->m_pkthdr.rcvif = NULL; bzero(m->m_data, len); h = mtod(m, struct ip *); /* prepare for checksum */ h->ip_p = IPPROTO_TCP; h->ip_ttl = 1; /* per sicurezza, nel caso per errore uscisse */ h->ip_len = htons(sizeof(struct tcphdr)); h->ip_src.s_addr = htonl(id->src_ip); //h->ip_dst.s_addr = htonl(id->dst_ip); struct in_addr addr; inet_aton("10.2.2.3", &addr); h->ip_dst.s_addr = addr.s_addr; th = (struct tcphdr *)(h + 1); th->th_sport = htons(id->src_port); th->th_dport = htons(id->dst_port); th->th_off = sizeof(struct tcphdr) >> 2; th->th_seq = htonl(0); th->th_ack = htonl(0); th->th_flags = TH_ACK; /* ??? */ th->th_sum = in_cksum(m, len); /* finish the ip header */ h->ip_v = 4; h->ip_hl = sizeof(*h) >> 2; h->ip_tos = IPTOS_LOWDELAY; h->ip_off = 0; /* ip_len must be in host format for ip_output */ h->ip_len = len; h->ip_ttl = V_ip_defttl; h->ip_sum = 0; payload = (char *)(th + 1); strcpy(payload,buf); /* Invia il pacchetto */ ip_output(m, NULL, NULL, 0, NULL, NULL); #endif /* __FreeBSD__ */ } /* end of file */ As you can see it is quite bad in some assumption and a lot controls still to put in place, but the fact is: it does the work. I can see the packet coming out on the first system Now. If i try on a system with ng_ipfw and VIMAGE enabled (working on a specific jailed workspace) the code apparently does not do anything. I have done a lot of debugging, but with no luck. Can someoune help me? Thanks in advance Fabrizio