From owner-freebsd-bugs Thu Oct 25 7:10:12 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 7178C37B406 for ; Thu, 25 Oct 2001 07:10:02 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f9PEA2H29242; Thu, 25 Oct 2001 07:10:02 -0700 (PDT) (envelope-from gnats) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8426C37B405 for ; Thu, 25 Oct 2001 07:09:09 -0700 (PDT) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f9PE99f29088; Thu, 25 Oct 2001 07:09:09 -0700 (PDT) (envelope-from nobody) Message-Id: <200110251409.f9PE99f29088@freefall.freebsd.org> Date: Thu, 25 Oct 2001 07:09:09 -0700 (PDT) From: Colin Legendre To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: misc/31489: Conflict Between BPF and ssh2 protocol in openssh Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 31489 >Category: misc >Synopsis: Conflict Between BPF and ssh2 protocol in openssh >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Oct 25 07:10:02 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Colin Legendre >Release: FreeBSD 4.4-STABLE >Organization: NS3G.COM >Environment: FreeBSD sudz.ns3g.com 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Oct 24 15:54:08 EDT 2001 sudz@sudz.ns3g.com:/usr/obj/usr/src/sys/CUSTOM7 i386 >Description: There seems to be a conflict between the bpf and the ssh2 protocol within openssh. When running trafshow or tcpdump on a connection to a openssh server using ssh2 protocol the traffic flow increases to 25-75K per sec. Doing the same thing using ssh1 protocol the connection is 1-2K per sec. >How-To-Repeat: 1. from any client connect to a FreeBSD 4.4-STABLE box using ssh protocol version 2. su to root and run 'trafshow port 22'. Notice the high volume of traffic. 2. do the same thing as step 1 but use ssh protocol version 1. Notice the much lowere volume of traffic. 3. Connect to the remote box using ssh2, do not run trafshow. now on the originating box run trafshow. Notice the traffic is still low. But if you start trafshow on the remote box the trafic increases dramaticaly. You can swap trafshow with tcpdump and get the same problem. >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message