From owner-freebsd-net@FreeBSD.ORG Mon Feb 9 22:26:32 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0A8D16A4CE for ; Mon, 9 Feb 2004 22:26:32 -0800 (PST) Received: from smtp.netli.com (ip2-pal-focal.netli.com [66.243.52.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 88E0443D1F for ; Mon, 9 Feb 2004 22:26:32 -0800 (PST) (envelope-from vlm@netli.com) Received: (qmail 1716 invoked by uid 84); 10 Feb 2004 06:26:33 -0000 Received: from vlm@netli.com by l3-1 with qmail-scanner-0.96 (uvscan: v4.1.40/v4121. . Clean. Processed in 0.164052 secs); 10 Feb 2004 06:26:33 -0000 Received: from unknown (HELO netli.com) (172.17.1.12) by mx01-pal-lan.netli.lan with SMTP; 10 Feb 2004 06:26:32 -0000 Message-ID: <402879D6.70401@netli.com> Date: Mon, 09 Feb 2004 22:27:34 -0800 From: Lev Walkin Organization: Netli, Inc. User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031019 X-Accept-Language: ru, en-us, en MIME-Version: 1.0 To: Hendrik Scholz References: <1BEABD96-5B82-11D8-A0D4-000A95BAD088@raisdorf.net> In-Reply-To: <1BEABD96-5B82-11D8-A0D4-000A95BAD088@raisdorf.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: remote traceroute and ping for jails X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 06:26:32 -0000 Hendrik Scholz wrote: > Hi! > > I've just finished a quick hack to allow jails to indirectly execute ping > and traceroute by sending commands to the FreeBSD host housing the jails. > A small daemon processes the requests and sends the reply back to the > clients. > > Just grab http://www.wormulon.net/files/FreeBSD/rsocket-HEAD.tar.gz > and don't forget to modify defs.h :) > > 'features': > > - should be safe from 'hack' attempts like "traceroute 123.org;id" > - IPv6 ready ... just need to add some lines > - executes ping -c 4 and does not offer any way to modify parameters > - works for me :) > > Any comments are welcome! === cut === /* dissect into type and parameter */ param = strstr(buf, " "); if ((param != NULL) || (strstr(param, " ") != NULL)) { *param = '\0'; param++; param[strlen(param)-2] = '\0'; === cut === Suppose the buffer holds the following data: " ". param=strstr(buf, " "); will pass. param!=NULL will yield true *param++ = 0 will put \0 instead of the space. strlen(param) will yield 0. param[-2] = '\0' will write zero into... into... something... throw it off and rewirite anew. -- Lev Walkin vlm@netli.com