Date:      10 Aug 2001 12:04:43 -0000
From:      Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/29602: kernel doesn't check if newly allocated ephemerical port is occupied by ipnat rdr
Message-ID:  <20010810120443.26223.qmail@lagoon.freebsd.lublin.pl>

>Number:         29602
>Category:       kern
>Synopsis:       kernel doesn't check if newly allocated ephemerical port is occupied by ipnat rdr
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 10 05:10:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Przemyslaw Frasunek
>Release:        FreeBSD 4.3-STABLE i386
>Organization:
czuby.net
>Environment:
System: FreeBSD lagoon.freebsd.lublin.pl 4.3-STABLE FreeBSD 4.3-STABLE #0: Wed Jul 18 11:43:39 CEST 2001 root@riget.scene.pl:/mnt/lagoon/usr/src/sys/compile/RIGET i386

With ipfilter+ipnat.

>Description:

	When an ephemeral port is allocated for an outgoing connection, the
	kernel doesn't check if the port is already occupied by an ipnat
	redirection.

	Such a condition is very rare, but still possible:

intercom:root:/usr/src/sys/netinet# ipnat -l | grep 3389
rdr fxp0 195.205.36.110/32 port 3389 -> 192.168.0.100 port 3389 tcp
RDR 192.168.0.100   3389  <- -> 195.205.36.110  3389  [212.2.96.35 80]

	The source of the redirected connection seems to be 212.2.96.35:80,
	which is impossible. 212.182.96.35:80 is the destination of a
	connection initiated from 195.205.36.110:3389 from the local machine.

>How-To-Repeat:

	Set up an ipnat redirection on a low ephemeral port and do some
	connect()s.

>Fix:

	Unknown.
>Release-Note:
>Audit-Trail:
>Unformatted:

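An added example, not part of the original report or of FreeBSD/ipfilter: a small audit of `ipnat -l` output that lists rdr rules whose external port lies inside the host's ephemeral range and flags RDR sessions on those ports whose peer port looks like a server port, as in the report. The default range 1024-5000, the `audit` helper and the "peer port below 1024" heuristic are assumptions; two of the sample lines are constructed.

```python
import re

# Assumption: 1024-5000 is the FreeBSD 4.x default ephemeral range
# (net.inet.ip.portrange.first/.last); pass the values from your own host.
EPHEMERAL = (1024, 5000)

RULE = re.compile(r"^rdr\s+(\S+)\s+([\d.]+)/\d+\s+port\s+(\d+)\s+->\s+"
                  r"([\d.]+)\s+port\s+(\d+)\s+(\S+)")
SESSION = re.compile(r"^RDR\s+([\d.]+)\s+(\d+)\s+<-\s+->\s+([\d.]+)\s+(\d+)"
                     r"\s+\[([\d.]+)\s+(\d+)\]")

# Lines 1 and 3 are the output quoted in the report; 2 and 4 are constructed.
SAMPLE = """\
rdr fxp0 195.205.36.110/32 port 3389 -> 192.168.0.100 port 3389 tcp
rdr fxp0 195.205.36.110/32 port 80 -> 192.168.0.101 port 80 tcp
RDR 192.168.0.100   3389  <- -> 195.205.36.110  3389  [212.2.96.35 80]
RDR 192.168.0.100   3389  <- -> 195.205.36.110  3389  [198.51.100.7 51544]
"""

def audit(ipnat_output, ephemeral=EPHEMERAL):
    """Return (risky_rules, suspect_sessions) found in `ipnat -l` text."""
    lo, hi = ephemeral
    lines = [l.strip() for l in ipnat_output.splitlines()]
    # Pass 1: rdr rules whose external port the kernel may also hand out
    # as the local port of an outgoing connection.
    risky = []
    for line in lines:
        m = RULE.match(line)
        if m and lo <= int(m.group(3)) <= hi:
            risky.append((m.group(1), m.group(2), int(m.group(3)), m.group(6)))
    exposed = {(ip, port) for _, ip, port, _ in risky}
    # Pass 2: sessions on those ports. Heuristic (assumption): a real inbound
    # client uses an unprivileged source port, so a peer port below 1024
    # suggests the entry is really a reply to a local outgoing connection.
    suspect = []
    for line in lines:
        m = SESSION.match(line)
        if not m:
            continue
        ext, peer_port = (m.group(3), int(m.group(4))), int(m.group(6))
        if ext in exposed and peer_port < 1024:
            suspect.append(ext + (m.group(5), peer_port))
    return risky, suspect

if __name__ == "__main__":
    rules, sessions = audit(SAMPLE)
    for r in rules:
        print("rdr port inside ephemeral range:", r)
    for s in sessions:
        print("suspect RDR session:", s)
```

An empty first list means no rdr port overlaps the range passed in, which is the condition the report needs in order to occur.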