Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Nov 2019 15:43:55 -0800
From:      Julian Elischer <julian@freebsd.org>
To:        Colin Percival <cperciva@tarsnap.com>, "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject:   Re: SOCK_RAW && SO_DONTROUTE doesn't work
Message-ID:  <63cdda3a-8078-7e1a-6a59-614ed6785e88@freebsd.org>
In-Reply-To: <0100016ea42871c1-492a3b9f-be05-4e4b-8ab4-8710ea36cdc2-000000@email.amazonses.com>
References:  <0100016ea42871c1-492a3b9f-be05-4e4b-8ab4-8710ea36cdc2-000000@email.amazonses.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 11/25/19 12:02 PM, Colin Percival wrote:
> Hi networky people,
>
> I'm not sure if this was deliberate or if it's a bug.
>
> If you create a raw IP socket, turn on IP_HDRINCL and SO_DONTROUTE, and
> then use sendto(2) to send a packet, the destination address provided to
> sendto(2) is ignored; instead, the destination is taken from the packet's
> ip_dst field.
>
> It looks like this happens because rip_output calls ip_output with a NULL
> value for ro, prompting ip_output to look up the destination from the IP
> packet, rather than the destination passed to sendto (which never made its
> way out of rip_output).
>
> I tripped over this because I was trying to have a userland process which
> routes (some) packets differently from how the routing tables specify; but
> my "no really, go out THAT interface" wasn't being respected. :-(
>
> (Full background: I want to make a transparent proxy which intercepts
> outgoing connections to 169.254.169.254, allowing some of them through and
> redirecting others for special handling.  I created a tun which outgoing
> packets get routed into; but I ran into problems when I wanted to forward
> some of the packets out of the external interface since they ignored my
> attempts to route them and came straight back into the tun instead.)
>
I have always achieved this sort of thing using ipfw fwd rules, rather
than trying to bend the IP stack to do it.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63cdda3a-8078-7e1a-6a59-614ed6785e88>