From owner-freebsd-ipfw@FreeBSD.ORG Sat Jun 4 13:00:25 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 62A0B106566B for ; Sat, 4 Jun 2011 13:00:25 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 394CF8FC0A for ; Sat, 4 Jun 2011 13:00:25 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p54D0OQC030793 for ; Sat, 4 Jun 2011 13:00:24 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p54D0Oji030792; Sat, 4 Jun 2011 13:00:24 GMT (envelope-from gnats) Date: Sat, 4 Jun 2011 13:00:24 GMT Message-Id: <201106041300.p54D0Oji030792@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: Manuel Kasper Cc: Subject: Re: kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Manuel Kasper List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Jun 2011 13:00:25 -0000 The following reply was made to PR kern/157239; it has been noted by GNATS. From: Manuel Kasper To: bug-followup@FreeBSD.org Cc: crest@tzi.de Subject: Re: kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets Date: Sat, 4 Jun 2011 14:37:56 +0200 --Apple-Mail-18-318878430 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii I've been able to reproduce this on a FreeBSD 9.0-CURRENT snapshot dated = May 12 as well, but the behavior is a bit different compared to 8.2 with = respect to direction and one_pass setting: FreeBSD 8.2: - dummynet on input, one_pass=3D0: OK - dummynet on input, one_pass=3D1: broken - dummynet on output, one_pass=3D0: broken - dummynet on output, one_pass=3D1: broken FreeBSD 9: - dummynet on input, one_pass=3D0: OK - dummynet on input, one_pass=3D1: broken - dummynet on output, one_pass=3D0: broken - dummynet on output, one_pass=3D1: OK Also, I believe I've found the cause: ipfw/dummynet code uses = SET_HOST_IPLEN on IPv6 packets in two instances, thus inadvertently = swapping the next header and hop limit fields in the IPv6 header, = causing the "Unknown Extension Header" warnings and dropped packets (or = bad packets appearing on the wire if = net.inet6.ip6.fw.deny_unknown_exthdrs=3D0). A patch against 8.2-RELEASE that fixes this issue for me is attached - = Jan, could you please verify if this fixes the issue for you too? - Manuel --Apple-Mail-18-318878430 Content-Disposition: attachment; filename=dummynet_v6.patch Content-Type: application/octet-stream; name="dummynet_v6.patch" Content-Transfer-Encoding: 7bit --- sys/netinet/ipfw/ip_dn_io.c.orig 2010-12-28 13:18:46.000000000 +0100 +++ sys/netinet/ipfw/ip_dn_io.c 2011-06-04 14:35:45.305439000 +0200 @@ -610,7 +610,6 @@ break; case DIR_OUT | PROTO_IPV6: - SET_HOST_IPLEN(mtod(m, struct ip *)); ip6_output(m, NULL, NULL, IPV6_FORWARDING, NULL, NULL, NULL); break; #endif --- sys/netinet/ipfw/ip_fw_pfil.c.orig 2010-12-21 18:09:25.000000000 +0100 +++ sys/netinet/ipfw/ip_fw_pfil.c 2011-06-04 14:35:45.305439000 +0200 @@ -127,7 +127,8 @@ args.rule = *((struct ipfw_rule_ref *)(tag+1)); m_tag_delete(*m0, tag); if (args.rule.info & IPFW_ONEPASS) { - SET_HOST_IPLEN(mtod(*m0, struct ip *)); + if (mtod(*m0, struct ip *)->ip_v == 4) + SET_HOST_IPLEN(mtod(*m0, struct ip *)); return 0; } } --Apple-Mail-18-318878430--