Subject: Re: kern/7831: panic: m_copydata
To: Darren Reed <darrenr@reed.wattle.id.au>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-net
Date: 08/05/1999 14:51:57
On Thu, Aug 05, 1999 at 10:29:32AM +1000, Darren Reed wrote:
> There should be a sanity check higher up to ensure that the protocol of
> the current packet being processed matches the protocol which the proxy
> has been designed to support. Patch below.
>
> Darren
>
> Index: ip_proxy.c
> ===================================================================
> RCS file: /devel/CVS/IP-Filter/ip_proxy.c,v
> retrieving revision 2.1
> diff -c -r2.1 ip_proxy.c
> *** ip_proxy.c 1999/08/04 17:29:58 2.1
> --- ip_proxy.c 1999/08/05 00:28:41
> ***************
> *** 185,191 ****
> nat->nat_aps = ap_new_session(nat->nat_ptr->in_apr, ip,
> fin, nat);
> aps = nat->nat_aps;
> ! if (aps != NULL) {
> if (ip->ip_p == IPPROTO_TCP) {
> tcp = (tcphdr_t *)fin->fin_dp;
> /*
> --- 185,191 ----
> nat->nat_aps = ap_new_session(nat->nat_ptr->in_apr, ip,
> fin, nat);
> aps = nat->nat_aps;
> ! if ((aps != NULL) && (aps->aps_p == ip->ip_p)) {
> if (ip->ip_p == IPPROTO_TCP) {
> tcp = (tcphdr_t *)fin->fin_dp;
> /*
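Review bot: On the changed line, `aps->aps_p == ip->ip_p` is tested only after `nat->nat_aps = ap_new_session(...)` has already run, so a packet whose protocol does not match the proxy still gets a session created and attached to the NAT entry before it is skipped. If the proxy's protocol is known before a session exists, compare it against `ip->ip_p` ahead of the ap_new_session() call. A short comment on the condition naming the packets it is meant to exclude would also help, since no else branch is visible and the mismatch case is otherwise silent.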
Hum, the problem is that the NetBSD sources don't look exactly like this.
I guess this change in the NetBSD tree would look like what's appended
below (could you check it's correct please?).
This will make ap_check() return -1 instead of 2, will this cause problems in
the future? (for now the return value of ap_check() seems to not be used)
I tested my change this morning. Without this I can panic my router at will
once I've found a dest addr which will respond with an ICMP host unreach.
With this change, the router doesn't panic and the ICMP message is
properly routed back to the inside machine.
As this change does basically the same thing I don't expect problems with
it. I'll test when I get close to this router again.
--
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
--
Content-Disposition: attachment; filename="ipnat.diff2"
Index: ip_proxy.c
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/ip_proxy.c,v
retrieving revision 1.17
diff -u -r1.17 ip_proxy.c
--- ip_proxy.c 1999/02/02 19:57:32 1.17
+++ ip_proxy.c 1999/08/05 12:48:02
@@ -197,8 +197,9 @@
u_32_t sum;
int err;
- if ((aps = nat->nat_aps) ||
- (aps = ap_new_session(nat->nat_ptr->in_apr, ip, fin, nat))) {
+ if ((aps = nat->nat_aps) == NULL)
+ aps = ap_new_session(nat->nat_ptr->in_apr, ip, fin, nat);
+ if ((aps != NULL) && (aps->aps_p == ip->ip_p)) {
if (ip->ip_p == IPPROTO_TCP) {
tcp = (tcphdr_t *)fin->fin_dp;
/*
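Review bot: With the condition split as on the `+` lines, a non-NULL `aps` whose `aps_p` differs from `ip->ip_p` skips the block and falls through to code that is not shown in this hunk, so the result for a mismatched packet is decided elsewhere. The message above says this makes ap_check() return -1 instead of 2. Make that explicit at the `if ((aps != NULL) && (aps->aps_p == ip->ip_p))` line, either with an early return for the mismatch or a comment stating the intended return value, so that it is a deliberate choice and not a side effect of fall-through. As in the original condition, ap_new_session() is still called before the protocol is compared, so a mismatched first packet can still create a session.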