Site Navigation

Date:      Sat, 10 Nov 2001 07:11:26 +0300 (MSK)
From:      .@babolo.ru
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/31891: Change mask of loopback net breaks compatibility with older versions
Message-ID:  <200111100411.HAA12504@aaz.links.ru>

---

next in thread | raw e-mail | index | archive | help

---

>Number:         31891
>Category:       kern
>Synopsis:       Change mask of loopback net breaks compatibility with older versions
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Nov 09 20:10:02 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Aleksandr A. Babaylov
>Release:        FreeBSD 4.4
>Organization:
home
>Environment:

	FreeBSD cicuta.babolo.ru 4.4-STABLE FreeBSD 4.4-STABLE #0: Sat Oct  6 21:36:53 MSD 2001     babolo@cicuta.babolo.ru:/tmp/babolo/usr/src/sys/cicuta  i386


>Description:

There was 4.2 RELEASE, where packets with 127.0.0.0/24 source address
droped on input interfaces. Now it changed to 127.0.0.0/8,
which is incombatible with old configuration.
This net - 127.0.0.0/8 is extremly useful
as private net in clustering environment,
so I propose configuration variable MYLOOP_MASKLEN,
with default meaning that conforms RFC1122

>How-To-Repeat:

Try P2P addresses in 127.0.0.0/8 net.

>Fix:
	

--- sys/netinet/myloop_masklen.h	Sun Aug 26 04:51:23 2001
+++ sys/netinet/myloop_masklen.h	Sun Aug 26 04:51:14 2001
@@ -0,0 +1,7 @@
+#include "opt_myloop_masklen.h"
+
+#ifndef MYLOOP_MASKLEN
+#define	IN_MY_LOOP(i)		(((u_int32_t)(i) & IN_CLASSA_NET) == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
+#else
+#define	IN_MY_LOOP(i)		(((u_int32_t)(i) & (INADDR_BROADCAST << (32 - MYLOOP_MASKLEN))) == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
+#endif
--- sys/netinet/in.c	Mon Aug 13 20:26:17 2001
+++ sys/netinet/in.c	Sun Aug 26 04:52:53 2001
@@ -48,6 +48,7 @@
 #include <net/route.h>
 
 #include <netinet/in.h>
+#include <netinet/myloop_masklen.h>
 #include <netinet/in_var.h>
 #include <netinet/in_pcb.h>
 
@@ -112,11 +113,11 @@
 	register u_long i = ntohl(in.s_addr);
 	register u_long net;
 
-	if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i))
+	if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i) || IN_MY_LOOP(i))
 		return (0);
 	if (IN_CLASSA(i)) {
 		net = i & IN_CLASSA_NET;
-		if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
+		if (net == 0)
 			return (0);
 	}
 	return (1);
--- sys/netinet/ip_icmp.c	Tue Jul  3 15:01:46 2001
+++ sys/netinet/ip_icmp.c	Sun Aug 26 04:53:46 2001
@@ -50,6 +50,7 @@
 
 #define _IP_VHL
 #include <netinet/in.h>
+#include <netinet/myloop_masklen.h>
 #include <netinet/in_systm.h>
 #include <netinet/in_var.h>
 #include <netinet/ip.h>
@@ -612,8 +613,7 @@
 	int optlen = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof(struct ip);
 
 	if (!in_canforward(ip->ip_src) &&
-	    ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) !=
-	     (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))) {
+            !IN_MY_LOOP(ntohl(ip->ip_src.s_addr))) {
 		m_freem(m);	/* Bad return address */
 		goto done;	/* Ip_output() will check for broadcast */
 	}
--- sys/netinet/ip_input.c	Thu Jul 19 10:37:26 2001
+++ sys/netinet/ip_input.c	Sun Aug 26 04:54:13 2001
@@ -65,6 +65,7 @@
 #include <net/intrq.h>
 
 #include <netinet/in.h>
+#include <netinet/myloop_masklen.h>
 #include <netinet/in_systm.h>
 #include <netinet/in_var.h>
 #include <netinet/ip.h>
@@ -347,8 +348,9 @@
 	}
 
 	/* 127/8 must not appear on wire - RFC1122 */
-	if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
-	    (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
+	/* Local change: 127/MYLOOP_MASKLEN */
+	if (IN_MY_LOOP(ntohl(ip->ip_dst.s_addr)) ||
+	    IN_MY_LOOP(ntohl(ip->ip_src.s_addr))) {
 		if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
 			ipstat.ips_badaddr++;
 			goto bad;
--- sys/i386/conf/LINT	Wed Aug 15 05:23:49 2001
+++ sys/i386/conf/LINT	Sun Aug 26 02:02:45 2001
@@ -425,6 +425,11 @@
 # mchain library. It can be either loaded as KLD or compiled into kernel
 options 	LIBMCHAIN		#mbuf management library
 
+# Usually kernel must to drop any external packet with src in 127/8
+# But it is useful in clusters narrow this mask in kernel to use
+# some nets in 127/8 for kernels interoperate in cluster.
+options 	MYLOOP_MASKLEN=8
+
 # netgraph(4). Enable the base netgraph code with the NETGRAPH option.
 # Individual node types can be enabled with the corresponding option
 # listed below; however, this is not strictly necessary as netgraph
--- sys/conf/options	Fri Aug  3 04:47:27 2001
+++ sys/conf/options	Sun Aug 26 02:09:29 2001
@@ -272,6 +272,8 @@
 TCPDEBUG
 TCP_DROP_SYNFIN		opt_tcp_input.h
 XBONEHACK
+# For interconnect beetween kernels in cluster
+MYLOOP_MASKLEN
 
 # Netgraph(4). Use option NETGRAPH to enable the base netgraph code.
 # Each netgraph node type can be either be compiled into the kernel
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200111100411.HAA12504>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact