From owner-freebsd-security Tue Aug 22 23:40: 5 2000 Delivered-To: freebsd-security@freebsd.org Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108]) by hub.freebsd.org (Postfix) with ESMTP id 636E037B424 for ; Tue, 22 Aug 2000 23:39:58 -0700 (PDT) Received: (from danderse@localhost) by faith.cs.utah.edu (8.9.3/8.9.3) id AAA04483; Wed, 23 Aug 2000 00:39:52 -0600 (MDT) Message-Id: <200008230639.AAA04483@faith.cs.utah.edu> Subject: Re: Blackhat Firewall-1 Codes To: cjclark@alum.mit.edu Date: Wed, 23 Aug 2000 00:39:52 -0600 (MDT) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <20000822233432.K28027@149.211.6.64.reflexcom.com> from "Crist J . Clark" at Aug 22, 2000 11:34:32 PM From: "David G. Andersen" X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Without looking at all at the code, but speaking from having ported numerous of these things to FreeBSD, I'll hazard a few guesses: - differing levels of "rawness" between BSD and Linux; BSD raw sockets perform an htons() on the ip_len, ip_off, and ip_tos fields. - set sin_len in your struct sockaddr_in; not all systems have this field. - set IP_HDRINCLUDE and other friends when opening the raw socket, if they're not already. Happy porting. -Dave Lo and behold, Crist J . Clark once said: > > > I have been trying to get the 'fw1tun' codes to run under FreeBSD. I > have been getting, > > $ ./icmp [args] > sendto: Invalid argument > > Oh, just for the record, I am trying to see if some firewalls we have > (ones not on the Internet, so no games from any kids out there) can be > exploited. > -- > Crist J. Clark cjclark@alum.mit.com -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message