Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 27 May 1998 08:21:23 -0700
From:      David Greenman <dg@root.com>
To:        Bart Smit <bit@signature.nl>
Cc:        "J.A. Terranson" <sysadmin@mfn.org>, "'FreeBSD Security'" <freebsd-security@FreeBSD.ORG>
Subject:   Re: SMURF in 2.2.5 
Message-ID:  <199805271521.IAA07595@implode.root.com>
In-Reply-To: Your message of "Wed, 27 May 1998 10:50:05 %2B0200." <Pine.BSF.3.96.980527104739.29546A-100000@pollux.or.signature.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 

>On Wed, 27 May 1998, J.A. Terranson wrote:
>
>> I will not report this to bugtraq untill you guys tell me there's
>> a patch...
>
>Well,  sysctl -w net.inet.icmp.bmcastecho=0  does not help, contrary to
>what you'd expect from the advisory...

   That's because the logic for it was broken in the kernel. I just fixed it
yesterday. Diff attached (line numbers in -stable will vary slightly).

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project

Index: ip_icmp.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_icmp.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -c -r1.29 -r1.30
*** ip_icmp.c	1997/08/25 16:29:27	1.29
--- ip_icmp.c	1998/05/26 11:34:30	1.30
***************
*** 375,382 ****
  
  	case ICMP_ECHO:
  		if (!icmpbmcastecho
! 		    && (m->m_flags & (M_MCAST | M_BCAST)) != 0
! 		    && IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
  			icmpstat.icps_bmcastecho++;
  			break;
  		}
--- 375,381 ----
  
  	case ICMP_ECHO:
  		if (!icmpbmcastecho
! 		    && (m->m_flags & (M_MCAST | M_BCAST)) != 0) {
  			icmpstat.icps_bmcastecho++;
  			break;
  		}
***************
*** 385,392 ****
  
  	case ICMP_TSTAMP:
  		if (!icmpbmcastecho
! 		    && (m->m_flags & (M_MCAST | M_BCAST)) != 0
! 		    && IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
  			icmpstat.icps_bmcasttstamp++;
  			break;
  		}
--- 384,390 ----
  
  	case ICMP_TSTAMP:
  		if (!icmpbmcastecho
! 		    && (m->m_flags & (M_MCAST | M_BCAST)) != 0) {
  			icmpstat.icps_bmcasttstamp++;
  			break;
  		}

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805271521.IAA07595>