List:       ipfilter
Subject:    ip_len byte swapping problem
From:       Matt Impett <M.Impett () flarion ! com>
Date:       2002-06-28 23:02:33

Hello,

I just recently started using ipfilter, and I have noticed something
strange. First, some info:

System: FreeBSD 4.3-RELEASE

Now, in my setup I have one ethernet device, xl0.  I also have one tunnel
device I have configured as gif0.  I added one ipfilter rule which looked
like this:
block in quick on xl0 to gif0 from 10.1.128.6 to any

Basically, I wanted to take all traffic from source address 10.1.128.6 and
push it out tunnel device gif0, which is implementing IP-in-IP
encapsulation.  What I have noticed from running tcpdump is that the packets
get sent out the tunnel, but the ip_len field of the inner ip header is byte
swapped.  I looked at ip_fil.c and I think I found the culprit lines in
ipfr_fastroute(), where the ip_len field is byte swapped once, and then byte
swapped again after a call to the interface's output routine.

Anyway, I looked at the most recent version of ipfilter from the website
(version 3.4.28) and the offending lines are removed (in addition to many
other changes).  So, I was wondering if it's okay to remove these lines from
ip_fil.c (line #s 1401-1405):

		if (i) {
			ip->ip_id = ntohs(ip->ip_id);
			ip->ip_len = ntohs(ip->ip_len);
			ip->ip_off = ntohs(ip->ip_off);
		}

Or, perhaps there is a patch for the version of ipfilter I have.  I couldn't
find the version I have anywhere, but the version of ip_fil.c is sccsid 2.41
and rcsid 1.14.2.4.

Or, could I just upgrade to the newest version of ipfilter?? Is this
compatible with FreeBSD 4.3??

thanks,
matt
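
Added example, not part of the original message and not ipfilter code: a check for the symptom described above, which takes a captured IP-in-IP packet (outer protocol 4) and reports whether the inner ip_len matches the outer header only after a byte swap. The names check_inner_len and make_sample and the sample packet are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum inner_len { LEN_OK, LEN_SWAPPED, LEN_BAD };

/* Read a 16-bit field stored in network (big-endian) byte order. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify the inner ip_len of an IPv4-in-IPv4 packet (outer protocol 4).
 * A correct inner ip_len equals outer ip_len minus the outer header length. */
enum inner_len check_inner_len(const uint8_t *pkt, size_t caplen)
{
    if (caplen < 20 || (pkt[0] >> 4) != 4) return LEN_BAD;
    size_t ohl = (size_t)(pkt[0] & 0x0f) * 4;      /* outer header length */
    uint16_t olen = be16(pkt + 2);                 /* outer ip_len */
    if (ohl < 20 || pkt[9] != 4 || olen < ohl + 20 || caplen < ohl + 20)
        return LEN_BAD;
    const uint8_t *in = pkt + ohl;                 /* inner IP header */
    if ((in[0] >> 4) != 4) return LEN_BAD;
    uint16_t expect = (uint16_t)(olen - ohl);
    uint16_t ilen = be16(in + 2);
    if (ilen == expect) return LEN_OK;
    uint16_t swapped = (uint16_t)((ilen << 8) | (ilen >> 8));
    return swapped == expect ? LEN_SWAPPED : LEN_BAD;
}

/* Constructed sample: 20-byte outer header (proto 4, ip_len 48) wrapping a
 * 20-byte inner header plus 8 payload bytes (inner ip_len should be 28). */
size_t make_sample(uint8_t buf[48], int swap_inner)
{
    memset(buf, 0, 48);
    buf[0] = 0x45; buf[3] = 48; buf[9] = 4;        /* outer: IPv4, IHL 5 */
    buf[20] = 0x45; buf[29] = 1;                   /* inner: IPv4, ICMP */
    buf[swap_inner ? 22 : 23] = 28;                /* 0x1c00 vs 0x001c */
    return 48;
}

int main(void)
{
    static const char *name[] = { "ok", "byte-swapped", "inconsistent" };
    uint8_t pkt[48];
    for (int s = 0; s < 2; s++) {
        size_t n = make_sample(pkt, s);
        printf("inner ip_len: %s\n", name[check_inner_len(pkt, n)]);
    }
    return 0;
}
```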