From owner-freebsd-bugs@FreeBSD.ORG Mon Oct 20 09:10:13 2003
Message-Id: <20031020120039.O33518@localhost>
Date: Mon, 20 Oct 2003 12:03:00 -0400 (EDT)
From: Matthew George
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: kern/58287: ipnat map protocol specification broken

>Number:         58287
>Category:       kern
>Synopsis:       ipnat map protocol specification broken
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 20 09:10:11 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Matthew George
>Release:        FreeBSD 4.8-RELEASE-p1 i386
>Organization:
SecureWorks
>Environment:
System: FreeBSD fbsd.secureworks.net 4.8-RELEASE-p1 FreeBSD 4.8-RELEASE-p1 #4: Thu Sep 25 12:29:50 EDT 2003 mdg@fbsd.secureworks.net:/usr/src/sys/compile/SW-GENERIC-SMP i386
>Description:
The docs in ipnat(5) provide the following description of ipnat map with
regards to protocol specification:

    map ::= mapit ifname ipmask "->" dstipmask [ mapport ] mapoptions .
    mapoptions ::= [ tcpudp ] [ "frag" ] [ age ] [ clamp ] .
    tcpudp ::= "tcp/udp" | protocol .
    protocol ::= protocol-name | decnumber .

However, ipnat refuses to properly parse a rule with a protocol specified.
>How-To-Repeat:
    # ipnat -f -
    map dc0 from 192.168.0.0/16 to any -> w.x.y.z/32 icmp
    1: extra junk at the end of the line: icmp
    1: syntax error in "map"
>Fix:
I only looked at this very briefly, but the problem appears to be around
line 458 of natparse.c. It looks like the protocol is only examined and
dealt with if !(ipn.in_redir & (NAT_MAP|NAT_MAPBLK)).

--
Matthew George
SecureWorks Technical Operations
>Release-Note:
>Audit-Trail:
>Unformatted:
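As an added example (not code from the PR and not FreeBSD's own natparse.c), the parser below implements the ipnat(5) map productions quoted in the report, so the rule from the How-To-Repeat section can be checked against the grammar as documented: the trailing "icmp" is consumed by the optional tcpudp in mapoptions, and only a token left after mapoptions is reported with ipnat's "extra junk" wording. The "from A to B" source form used in the report's rule, the "age N" option spelling and the small protocol-name table are assumptions made for this demo; mapport and clamp are not defined on the page and are left out.

```python
"""Recursive-descent parser for the ipnat(5) map grammar quoted in the PR.
Added example, not ipnat's own natparse.c.  The productions cited in the
report are implemented as written; the "from A to B" source form and the
"age N" spelling are assumptions, and mapport/clamp are left out."""
import socket
from dataclasses import dataclass
from typing import Optional

# Constructed table so the usual names resolve offline; other names go
# through getprotobyname(3) as ipnat would.
KNOWN_PROTOCOLS = {"icmp": 1, "tcp": 6, "udp": 17}
OPTION_KEYWORDS = {"frag", "age"}
KEYWORDS = OPTION_KEYWORDS | {"from", "to", "->", "tcp/udp"}


class ParseError(ValueError):
    """Raised with ipnat's wording when a rule cannot be parsed."""


@dataclass
class MapRule:
    mapit: str                    # "map" or "map-block"
    ifname: str
    src: str                      # source ipmask
    dst: str                      # dstipmask (translated-to address)
    src_to: Optional[str] = None  # assumed "from src to src_to" form
    tcpudp: bool = False          # "tcp/udp" given in mapoptions
    proto: Optional[int] = None   # protocol ::= protocol-name | decnumber
    frag: bool = False
    age: Optional[int] = None     # assumed "age N" spelling


def protocol_number(tok: str) -> int:
    """protocol ::= protocol-name | decnumber"""
    if tok.isdigit() and int(tok) <= 255:
        return int(tok)
    if tok in KNOWN_PROTOCOLS:
        return KNOWN_PROTOCOLS[tok]
    try:
        return socket.getprotobyname(tok)
    except OSError:
        raise ParseError("unknown protocol: %s" % tok)


class _Tokens:
    def __init__(self, line: str):
        self.toks, self.pos = line.split(), 0
    def peek(self) -> Optional[str]:
        return self.toks[self.pos] if self.pos < len(self.toks) else None
    def take(self, expect: Optional[str] = None) -> str:
        tok = self.peek()
        if tok is None:
            raise ParseError("unexpected end of line")
        if expect is not None and tok != expect:
            raise ParseError("expected %r, got %r" % (expect, tok))
        self.pos += 1
        return tok
    def ipmask(self) -> str:
        # ipmask ::= "any" | address[/prefix]; the address itself stays opaque
        tok = self.take()
        if tok in KEYWORDS:
            raise ParseError("expected address, got %r" % tok)
        return tok


def parse_map_rule(line: str) -> MapRule:
    """map ::= mapit ifname ipmask "->" dstipmask [ mapport ] mapoptions"""
    t = _Tokens(line)
    mapit = t.take()
    if mapit not in ("map", "map-block"):
        raise ParseError("expected map or map-block, got %r" % mapit)
    ifname, src_to = t.take(), None
    if t.peek() == "from":            # assumed alternative source form
        t.take()
        src = t.ipmask()
        t.take("to")
        src_to = t.ipmask()
    else:
        src = t.ipmask()
    t.take("->")
    rule = MapRule(mapit, ifname, src, t.ipmask(), src_to=src_to)
    # mapoptions ::= [ tcpudp ] [ "frag" ] [ age ] [ clamp ]
    tok = t.peek()
    if tok == "tcp/udp":
        t.take()
        rule.tcpudp = True
    elif tok is not None and tok not in OPTION_KEYWORDS:
        rule.proto = protocol_number(t.take())   # the case the PR reports
    if t.peek() == "frag":
        t.take()
        rule.frag = True
    if t.peek() == "age":
        t.take()
        rule.age = int(t.take())
    if t.peek() is not None:
        raise ParseError("extra junk at the end of the line: "
                         + " ".join(t.toks[t.pos:]))
    return rule
```

Feeding the report's rule to parse_map_rule() yields proto 1 (icmp) with nothing left over, which is what the documented grammar says should happen; a rule such as "... icmp bogus" is the case that should produce the "extra junk at the end of the line" message, and the parser raises ParseError with exactly that text. The protocol check is done before the keyword options because the grammar puts tcpudp first in mapoptions.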