From owner-freebsd-ipfw Sat Jun 30 12:15: 6 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from albatross.prod.itd.earthlink.net (albatross.mail.pas.earthlink.net [207.217.120.120]) by hub.freebsd.org (Postfix) with ESMTP id 77D5C37B406 for ; Sat, 30 Jun 2001 12:15:03 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from blossom.cjclark.org (dialup-209.245.134.21.Dial1.SanJose1.Level3.net [209.245.134.21]) by albatross.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id MAA10258 for ; Sat, 30 Jun 2001 12:15:02 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.4/8.11.3) id f5UJF0W08220 for freebsd-ipfw@freebsd.org; Sat, 30 Jun 2001 12:15:00 -0700 (PDT) (envelope-from cjc) Date: Sat, 30 Jun 2001 12:15:00 -0700 From: "Crist J. Clark" To: freebsd-ipfw@freebsd.org Subject: BRIDGE in ip_fw.c Message-ID: <20010630121500.F348@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I am about to put some fixes/enhancements up for review before committing them to CURRENT. Before I do that, I need have a question about some of the code in ip_fw.c, if (0 && BRIDGED) { /* not yet... */ offset = (ntohs(ip->ip_off) & IP_OFFMASK); ip_len = ntohs(ip->ip_len); } else { offset = (ip->ip_off & IP_OFFMASK); ip_len = ip->ip_len; } What's the deal with that zeroed out code? (And wouldn't it be better form to zero it out in the preprocessor?) -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jun 30 16:12:42 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184]) by hub.freebsd.org (Postfix) with ESMTP id EC93137B403 for ; Sat, 30 Jun 2001 16:12:38 -0700 (PDT) (envelope-from luigi@info.iet.unipi.it) Received: (from luigi@localhost) by info.iet.unipi.it (8.9.3/8.9.3) id BAA27133; Sun, 1 Jul 2001 01:07:28 +0200 (CEST) (envelope-from luigi) From: Luigi Rizzo Message-Id: <200106302307.BAA27133@info.iet.unipi.it> Subject: Re: BRIDGE in ip_fw.c In-Reply-To: <20010630121500.F348@blossom.cjclark.org> from "Crist J. Clark" at "Jun 30, 2001 12:15:00 pm" To: cjclark@alum.mit.edu Date: Sun, 1 Jul 2001 01:07:28 +0200 (CEST) Cc: freebsd-ipfw@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I am about to put some fixes/enhancements up for review before i would be grateful if you could send me a summary (not the code, just a description) of the changes you have planned to commit > committing them to CURRENT. Before I do that, I need have a question > about some of the code in ip_fw.c, > > if (0 && BRIDGED) { /* not yet... */ > offset = (ntohs(ip->ip_off) & IP_OFFMASK); > ip_len = ntohs(ip->ip_len); > } else { > offset = (ip->ip_off & IP_OFFMASK); > ip_len = ip->ip_len; > } > > What's the deal with that zeroed out code? (And wouldn't it be better > form to zero it out in the preprocessor?) the compiler will remove the unused code anyways. The "not yet" comment refers to the fact that my plan for bridged packets was to make the mbufs readonly as much as possible, thus avoiding the NTOHS() calls on ip_off and ip_len fields and in turn an m_pullup() and the associated data copy when you need do duplicate the buffer. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jun 30 23:30: 9 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from albatross.prod.itd.earthlink.net (albatross.mail.pas.earthlink.net [207.217.120.120]) by hub.freebsd.org (Postfix) with ESMTP id 00C6437B401 for ; Sat, 30 Jun 2001 23:30:04 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from blossom.cjclark.org (dialup-209.247.137.116.Dial1.SanJose1.Level3.net [209.247.137.116]) by albatross.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id XAA28649; Sat, 30 Jun 2001 23:29:59 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.4/8.11.3) id f616Tsq09656; Sat, 30 Jun 2001 23:29:54 -0700 (PDT) (envelope-from cjc) Date: Sat, 30 Jun 2001 23:29:54 -0700 From: "Crist J. Clark" To: Luigi Rizzo Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: BRIDGE in ip_fw.c Message-ID: <20010630232954.J348@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20010630121500.F348@blossom.cjclark.org> <200106302307.BAA27133@info.iet.unipi.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200106302307.BAA27133@info.iet.unipi.it>; from luigi@info.iet.unipi.it on Sun, Jul 01, 2001 at 01:07:28AM +0200 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jul 01, 2001 at 01:07:28AM +0200, Luigi Rizzo wrote: > > I am about to put some fixes/enhancements up for review before > > i would be grateful if you could send me a summary > (not the code, just a description) of the > changes you have planned to commit Just two things at the moment. First is a sure thing, a fix for my old PR kern/23446. Although all following fragments are logged, initial fragments are not. The only thing still in the air is how well to fix the problem. Just print the offset of frags like we do now? Or fix it "right" and go for a tcpdump-like format that prints IP ID, offset, and status of the MF flag? The second thing is a general increase in the verbosity of ipfw log messages. Some more evolved versions patches I posted earlier this year, http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=224008+235323+/usr/local/www/db/text/2000/freebsd-security/20001217.freebsd-security > > committing them to CURRENT. Before I do that, I need have a question > > about some of the code in ip_fw.c, > > > > if (0 && BRIDGED) { /* not yet... */ > > offset = (ntohs(ip->ip_off) & IP_OFFMASK); > > ip_len = ntohs(ip->ip_len); > > } else { > > offset = (ip->ip_off & IP_OFFMASK); > > ip_len = ip->ip_len; > > } > > > > What's the deal with that zeroed out code? (And wouldn't it be better > > form to zero it out in the preprocessor?) > > the compiler will remove the unused code anyways. > > The "not yet" comment refers to the fact that my > plan for bridged packets was to make the mbufs readonly > as much as possible, thus avoiding the NTOHS() calls > on ip_off and ip_len fields and in turn an m_pullup() > and the associated data copy when you need do duplicate > the buffer. The reason I ask is that I need the flag bits of ip->ip_off. The test to see if a packet is a fragment is, (ip->ip_off & (IP_OFFMASK | IP_MF)) And not just if the offset is non-zero. Obviously, whether ip->ip_off is in host or network order will make a difference on how to do the test. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message