Masquerading Bug in recent kernels

Michael Riepe (riepe@ifwsn4.ifw.uni-hannover.de)
Wed, 15 May 1996 03:04:02 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ian main: "Re: Java and the FSSTND"
Previous message: Vadim E. Kogan: "Re: TTY switching - SysReq rather than Alt please?"

Hi *!

I have found an undocumented feature ;) in the IP masquerading code;
when masquerading fails for any reason, packets are sent along
unmodified. This is IMHO a Bad Thing[tm]. Patch for 1.3.97 (works with
pre2.0.3, too) follows.

Michael.

------- chainsaw -------
diff -ru linux-1.3.97.orig/include/net/ip_masq.h linux-1.3.97/include/net/ip_masq.h
--- linux-1.3.97.orig/include/net/ip_masq.h Fri May 3 16:07:09 1996
+++ linux-1.3.97/include/net/ip_masq.h Wed May 15 02:10:35 1996
@@ -84,7 +84,7 @@
/*
* functions called from ip layer
*/
-extern void ip_fw_masquerade(struct sk_buff **, struct device *);
+extern int ip_fw_masquerade(struct sk_buff **, struct device *);
extern int ip_fw_demasquerade(struct sk_buff **, struct device *);

/*
diff -ru linux-1.3.97.orig/net/ipv4/ip_forward.c linux-1.3.97/net/ipv4/ip_forward.c
--- linux-1.3.97.orig/net/ipv4/ip_forward.c Fri Apr 19 19:57:26 1996
+++ linux-1.3.97/net/ipv4/ip_forward.c Wed May 15 02:15:59 1996
@@ -250,7 +250,15 @@
* (Dont masquerade de-masqueraded fragments)
*/
if (!(is_frag&IPFWD_MASQUERADED) && fw_res==FW_MASQUERADE)
- ip_fw_masquerade(&skb, dev2);
+ if (ip_fw_masquerade(&skb, dev2) < 0)
+ {
+ /*
+ * Masquerading failed; silently discard this packet.
+ */
+ if (rt)
+ ip_rt_put(rt);
+ return -1;
+ }
#endif
IS_SKB(skb);

diff -ru linux-1.3.97.orig/net/ipv4/ip_masq.c linux-1.3.97/net/ipv4/ip_masq.c
--- linux-1.3.97.orig/net/ipv4/ip_masq.c Fri Apr 26 16:24:39 1996
+++ linux-1.3.97/net/ipv4/ip_masq.c Wed May 15 02:07:05 1996
@@ -424,7 +424,7 @@
uh->check=0xFFFF;
}

-void ip_fw_masquerade(struct sk_buff **skb_ptr, struct device *dev)
+int ip_fw_masquerade(struct sk_buff **skb_ptr, struct device *dev)
{
struct sk_buff *skb=*skb_ptr;
struct iphdr *iph = skb->h.iph;
@@ -438,7 +438,7 @@
*/

if (iph->protocol!=IPPROTO_UDP && iph->protocol!=IPPROTO_TCP)
- return;
+ return -1;

/*
* Now hunt the list to see if we have an old entry
@@ -467,7 +467,7 @@
iph->daddr, portptr[1],
0);
if (ms == NULL)
- return;
+ return -1;
}

/*
@@ -535,6 +535,8 @@
#ifdef DEBUG_CONFIG_IP_MASQUERADE
printk("O-routed from %lX:%X over %s\n",ntohl(ms->maddr),ntohs(ms->mport),dev->name);
#endif
+
+ return 0;
}

/*
------- chainsaw -------

-- 
 Michael "Tired" Riepe <riepe@ifwsn4.ifw.uni-hannover.de>
 "Beware the storm that gathers here!" (The Prophet's Song)

Next message: Ian main: "Re: Java and the FSSTND"
Previous message: Vadim E. Kogan: "Re: TTY switching - SysReq rather than Alt please?"