Date: Wed, 23 Aug 2000 00:39:52 -0600 (MDT) From: "David G. Andersen" <dga@pobox.com> To: cjclark@alum.mit.edu Cc: freebsd-security@FreeBSD.ORG Subject: Re: Blackhat Firewall-1 Codes Message-ID: <200008230639.AAA04483@faith.cs.utah.edu> In-Reply-To: <20000822233432.K28027@149.211.6.64.reflexcom.com> from "Crist J . Clark" at Aug 22, 2000 11:34:32 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Without looking at all at the code, but speaking from having ported
numerous of these things to FreeBSD, I'll hazard a few guesses:
- differing levels of "rawness" between BSD and Linux;
BSD raw sockets perform an htons() on the ip_len, ip_off,
and ip_tos fields.
- set sin_len in your struct sockaddr_in; not all systems
have this field.
- set IP_HDRINCLUDE and other friends when opening the raw socket,
if they're not already.
Happy porting.
-Dave
Lo and behold, Crist J . Clark once said:
>
>
> I have been trying to get the 'fw1tun' codes to run under FreeBSD. I
> have been getting,
>
> $ ./icmp [args]
> sendto: Invalid argument
>
> Oh, just for the record, I am trying to see if some firewalls we have
> (ones not on the Internet, so no games from any kids out there) can be
> exploited.
> --
> Crist J. Clark cjclark@alum.mit.com
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008230639.AAA04483>