Date: Tue, 2 Jan 2007 15:13:52 +0100 From: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> To: freebsd-net@freebsd.org Subject: Re: NAT Taversal bug in kernel patch ? Message-ID: <20070102141351.GA1604@jayce.zen.inc> In-Reply-To: <20070102105959.94227.qmail@web51909.mail.yahoo.com> References: <20070102105959.94227.qmail@web51909.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 02, 2007 at 02:59:59AM -0800, ashoke saha wrote: > Hi , Hi. > just joined the mailibng list. I was implementing > NAT traversal based on the patch and my kernel was > panicking because of wrong ipsec config, which it > should not whatever be the config. > > Looks like there is a small issue in the code > http://ipsec-tools.sourceforge.net/freebsd6-natt.diff > which might already be fixed. > > Look at the call of the function > udp4_espinudp () in udp append. Now under certain > circumstances it is possible that udp4_espinudp () > calls m_pullup() and it would add a new pkt header to > the mbuf chain. But udp_append() is still holding the > old head, whose PKTHDR flag is now off. It then sends > the pkt further up and kernel does as panic as it does > not see PKTHDR flag. I already fixed "something like that" a few months ago. Are you using the latest version of the patch ? MD5 sum of the patch file should be 510ac07e6aa95d34e1e05da0695e4059, is that what you get ? Yvan. -- NETASQ http://www.netasq.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070102141351.GA1604>