Date: Thu, 17 Aug 2000 08:37:07 +0200 (CEST) From: Luigi Rizzo <luigi@info.iet.unipi.it> To: Yusuf Goolamabbas <yusufg@outblaze.com> Cc: freebsd-net@FreeBSD.ORG Subject: Re: [avalon@COOMBS.ANU.EDU.AU: Ip packet filtering with bridging on freebsd] Message-ID: <200008170637.IAA03423@info.iet.unipi.it> In-Reply-To: <20000817122736.A9181@outblaze.com> from Yusuf Goolamabbas at "Aug 17, 2000 12:27:36 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Any comments to Darren's assertion ? i would appreciate if he was giving more details on the allegedly missing sanity checks. Furthermore, and just for the records, the feature was not copied in any way from openbsd -- the entire bridging code and the ipfw integration was written from scratch, i did not even know openbsd had that. so no wonder "large amounts of code were not copied" -- no code was copied! cheers luigi > -- > Yusuf Goolamabbas > yusufg@outblaze.com -- Start of included mail From: Darren Reed <avalon@COOMBS.ANU.EDU.AU> > Return-path: <owner-bugtraq@SECURITYFOCUS.COM> > Delivered-To: yusufg@yusufg.portal2.com > Delivered-To: outblaze-yusufg@OUTBLAZE.COM > Approved-By: aleph1@SECURITYFOCUS.COM > Delivered-To: bugtraq@lists.securityfocus.com > Delivered-To: bugtraq@securityfocus.com > Date: Tue, 1 Aug 2000 07:14:50 +1000 > Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU> > Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> > Subject: Ip packet filtering with bridging on freebsd > To: BUGTRAQ@SECURITYFOCUS.COM > If someone is doing packet filtering using ipfw to do packet filtering > with a FreeBSD box configured to do bridging, it is relatively easy to > make the box go "boom" as none of the standard header sanity checks > are done prior to the filter routine being called (check /sys/net/bridge.c) > It is a feature "copied" from OpenBSD but somehow large amounts of code > were not copied and bugs resulted. -- End of included mail. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008170637.IAA03423>