[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kernel/2876: pf does not check v6 header in v6 option header



The following reply was made to PR kernel/2876; it has been noted by GNATS.

From: HAMAJIMA Katsuomi <hamajima_(_at_)_nagoya_(_dot_)_ydc_(_dot_)_co_(_dot_)_jp>
To: daniel_(_at_)_benzedrine_(_dot_)_cx
Cc: gnats_(_at_)_openbsd_(_dot_)_org, hamajima_(_at_)_nagoya_(_dot_)_ydc_(_dot_)_co_(_dot_)_jp
Subject: Re: kernel/2876: pf does not check v6 header in v6 option header
Date: Fri, 08 Nov 2002 22:17:08 +0900 (JST)

 >>>Number:         2876
 >>>Synopsis:       pf does not check v6 header in v6 option header
 > 
 >> 	xcast6 packet is v6 -> hop-by-hop -> v6 -> routing -> udp.
 >> 	pf does not check second v6 header. so pf cannot get udp port.
 > 
 > Could you provide a tcpdump -vvvX of such a packet? pf skips IPv6
 > headers IPPROTO_HOPOPTS (0, 'Hop-by-hop option header') and IPPROTO_ROUTING
 > (43, 'Routing header') and should find the UDP header.
 
 This is XCAST6 packet.
 http://www.ietf.org/internet-drafts/draft-ooms-xcast-basic-spec-03.txt
 
 00:20:31.928587 2001:368:3:1:2d0:b7ff:fea0:99a0 > 2001:268:1501:20:202:b3ff:fe49:8b80: HBH (opt_type 0x27: len=0) (padn)2001:368:3:1:2d0:b7ff:fea0:99a0 > ff05::10: srcrt (len=7, type=17, segleft=0[|srcrt]0.3.0.1 > 2.208.183.255: [|udp] (len 117, hlim 9) (len 165, hlim 8)
 0x0000	 6000 0000 00a5 0008 2001 0368 0003 0001	`..........h....
 0x0010	 02d0 b7ff fea0 99a0 2001 0268 1501 0020	...........h....
 0x0020	 0202 b3ff fe49 8b80 2900 2700 0102 17b5	.....I..).'.....
 0x0030	 6000 0000 0075 2b09 2001 0368 0003 0001	`....u+....h....
 0x0040	 02d0 b7ff fea0 99a0 ff05 0000 0000 0000	................
 0x0050	 0000 0000 0000 0010 1107 1100 1002 c0be	................
 0x0060	 0000 0000 0000 0000 0000 0000 0000 0000	................
 0x0070	 0200 0000 0000 0000 2001 0268 1500 0002	...........h....
 0x0080	 0290 27ff fea0 3546 2001 0268 1501 0020	..'...5F...h....
 0x0090	 0202 b3ff fe49 8b80 c669 2b66 0035 2d91	.....I...i+f.5-.
 0x00a0	 8003 c181 65d5 915f 4da1 40d2 d627 9b9d	_(_dot_)__(_dot_)__(_dot_)__(_dot_)_e_(_dot_)__(_dot_)__M_(_dot_)__(_at_)__(_dot_)__(_dot_)_'..
 0x00b0	 dc5a 81e3 0371 be16 b8c3 26ed adca 2ce4	.Z...q....&...,.
 0x00c0	 8226 6fa8 c37f 60a2 215f 7525 ab       	.&o...`.!_u%.
 00:20:31.938101 2001:368:3:1:2d0:b7ff:fea0:99a0 > 2001:268:1501:20:202:b3ff:fe49:8b80: HBH (opt_type 0x27: len=0) (padn)2001:368:3:1:2d0:b7ff:fea0:99a0 > ff05::10: srcrt (len=7, type=17, segleft=0[|srcrt]0.3.0.1 > 2.208.183.255: [|udp] (len 117, hlim 9) (len 165, hlim 8)
 0x0000	 6000 0000 00a5 0008 2001 0368 0003 0001	`..........h....
 0x0010	 02d0 b7ff fea0 99a0 2001 0268 1501 0020	...........h....
 0x0020	 0202 b3ff fe49 8b80 2900 2700 0102 0010	.....I..).'.....
 0x0030	 6000 0000 0075 2b09 2001 0368 0003 0001	`....u+....h....
 0x0040	 02d0 b7ff fea0 99a0 ff05 0000 0000 0000	................
 0x0050	 0000 0000 0000 0010 1107 1100 1002 c0be	................
 0x0060	 0000 0000 0000 0000 0000 0000 0000 0000	................
 0x0070	 0200 0000 0000 0000 2001 0268 1500 0002	...........h....
 0x0080	 0290 27ff fea0 3546 2001 0268 1501 0020	..'...5F...h....
 0x0090	 0202 b3ff fe49 8b80 c669 2b66 0035 3a18	.....I...i+f.5:.
 0x00a0	 8003 c182 65d5 91ff 4da1 40d2 d5e5 83de	_(_dot_)__(_dot_)__(_dot_)__(_dot_)_e_(_dot_)__(_dot_)__(_dot_)_M_(_dot_)__(_at_)__(_dot_)__(_dot_)__(_dot_)__(_dot_)__(_dot_)_
 0x00b0	 237c a440 f3b1 b724 5363 6a0d 59b6 5fcc	#|_(_dot_)__(_at_)__(_dot_)__(_dot_)__(_dot_)_$Scj_(_dot_)_Y_(_dot_)___(_dot_)_
 0x00c0	 c262 4bf3 ba5b b2e3 d513 d244 30       	.bK..[.....D0
 00:20:31.950706 2001:368:3:1:2d0:b7ff:fea0:99a0 > 2001:268:1501:20:202:b3ff:fe49:8b80: HBH (opt_type 0x27: len=0) (padn)2001:368:3:1:2d0:b7ff:fea0:99a0 > ff05::10: srcrt (len=7, type=17, segleft=0[|srcrt]0.3.0.1 > 2.208.183.255: [|udp] (len 117, hlim 9) (len 165, hlim 8)
 0x0000	 6000 0000 00a5 0008 2001 0368 0003 0001	`..........h....
 0x0010	 02d0 b7ff fea0 99a0 2001 0268 1501 0020	...........h....
 0x0020	 0202 b3ff fe49 8b80 2900 2700 0102 0500	.....I..).'.....
 0x0030	 6000 0000 0075 2b09 2001 0368 0003 0001	`....u+....h....
 0x0040	 02d0 b7ff fea0 99a0 ff05 0000 0000 0000	................
 0x0050	 0000 0000 0000 0010 1107 1100 1002 c0be	................
 0x0060	 0000 0000 0000 0000 0000 0000 0000 0000	................
 0x0070	 0200 0000 0000 0000 2001 0268 1500 0002	...........h....
 0x0080	 0290 27ff fea0 3546 2001 0268 1501 0020	..'...5F...h....
 0x0090	 0202 b3ff fe49 8b80 c669 2b66 0035 34d1	.....I...i+f.54.
 0x00a0	 8003 c183 65d5 929f 4da1 40d2 d568 9b5a	_(_dot_)__(_dot_)__(_dot_)__(_dot_)_e_(_dot_)__(_dot_)__(_dot_)_M_(_dot_)__(_at_)__(_dot_)__(_dot_)_h_(_dot_)_Z
 0x00b0	 14ca c3f7 5239 579a 7ea2 26d9 b762 3bbe	....R9W.~.&..b;.
 0x00c0	 e354 e392 7551 f0a3 2f32 61da 51       	.T..uQ../2a.Q