From owner-freebsd-net  Wed Aug 16 21:27:44 2000
Delivered-To: freebsd-net@freebsd.org
Received: from proxy.outblaze.com (proxy.outblaze.com [202.77.223.120])
	by hub.freebsd.org (Postfix) with SMTP id 6B83337BB68
	for <freebsd-net@freebsd.org>; Wed, 16 Aug 2000 21:27:40 -0700 (PDT)
	(envelope-from yusufg@outblaze.com)
Received: (qmail 69558 invoked from network); 17 Aug 2000 04:27:37 -0000
Received: from unknown (HELO yusufg.portal2.com) (202.77.181.217)
  by proxy.outblaze.com with SMTP; 17 Aug 2000 04:27:37 -0000
Received: (qmail 9207 invoked by uid 500); 17 Aug 2000 04:27:36 -0000
Date: Thu, 17 Aug 2000 12:27:36 +0800
From: Yusuf Goolamabbas <yusufg@outblaze.com>
To: freebsd-net@freebsd.org
Subject: [avalon@COOMBS.ANU.EDU.AU: Ip packet filtering with bridging on freebsd]
Message-ID: <20000817122736.A9181@outblaze.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="AqsLC8rIMeq19msA"
Content-Disposition: inline
User-Agent: Mutt/1.2i
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


--AqsLC8rIMeq19msA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Any comments to Darren's assertion ?

-- 
Yusuf Goolamabbas
yusufg@outblaze.com

--AqsLC8rIMeq19msA
Content-Type: message/rfc822
Content-Disposition: inline

Return-Path: <owner-bugtraq@SECURITYFOCUS.COM>
Delivered-To: yusufg@yusufg.portal2.com
Received: (qmail 24787 invoked from network); 1 Aug 2000 19:38:32 -0000
Received: from unknown (HELO proxy.outblaze.com) (202.77.223.120)
  by yusufg.portal2.com with SMTP; 1 Aug 2000 19:38:32 -0000
Received: (qmail 21660 invoked by uid 1010); 1 Aug 2000 19:38:32 -0000
Delivered-To: outblaze-yusufg@OUTBLAZE.COM
Received: (qmail 21648 invoked from network); 1 Aug 2000 19:38:32 -0000
Received: from unknown (HELO lists.securityfocus.com) (207.126.127.68)
  by proxy.outblaze.com with SMTP; 1 Aug 2000 19:38:32 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com [207.126.127.68])
	by lists.securityfocus.com (Postfix) with ESMTP
	id 9F12E1F883; Tue,  1 Aug 2000 12:27:06 -0700 (PDT)
Received: from LISTS.SECURITYFOCUS.COM by LISTS.SECURITYFOCUS.COM
          (LISTSERV-TCP/IP release 1.8d) with spool id 11050907 for
          BUGTRAQ@LISTS.SECURITYFOCUS.COM; Tue, 1 Aug 2000 12:26:40 -0700
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Received: from securityfocus.com (mail.securityfocus.com [207.126.127.78]) by
          lists.securityfocus.com (Postfix) with SMTP id 8712B1EF20 for
          <bugtraq@lists.securityfocus.com>; Mon, 31 Jul 2000 14:14:59 -0700
          (PDT)
Received: (qmail 7626 invoked by alias); 31 Jul 2000 21:15:41 -0000
Delivered-To: bugtraq@securityfocus.com
Received: (qmail 7623 invoked from network); 31 Jul 2000 21:15:39 -0000
Received: from cairo.anu.edu.au (150.203.224.11) by mail.securityfocus.com with
          SMTP; 31 Jul 2000 21:15:39 -0000
Received: (from avalon@localhost) by cairo.anu.edu.au (8.9.3/8.9.3) id HAA29256
          for bugtraq@securityfocus.com; Tue, 1 Aug 2000 07:14:50 +1000 (EST)
X-Mailer: ELM [version 2.4ME+ PL39 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID:  <200007312114.HAA29256@cairo.anu.edu.au>
Date:         Tue, 1 Aug 2000 07:14:50 +1000
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
Subject:      Ip packet filtering with bridging on freebsd
To: BUGTRAQ@SECURITYFOCUS.COM

If someone is doing packet filtering using ipfw to do packet filtering
with a FreeBSD box configured to do bridging, it is relatively easy to
make the box go "boom" as none of the standard header sanity checks
are done prior to the filter routine being called (check /sys/net/bridge.c)
It is a feature "copied" from OpenBSD but somehow large amounts of code
were not copied and bugs resulted.

--AqsLC8rIMeq19msA--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message