Date: Thu, 17 Jun 1999 06:44:33 -0400 (EDT) From: Christopher Sedore <cmsedore@mailbox.syr.edu> To: brooks@one-eyed-alien.net Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: changes to ether_output() Message-ID: <Pine.SOL.4.10.9906170638260.29737-100000@rodan.syr.edu> In-Reply-To: <Pine.GSO.4.05.9906161832510.2401-100000@orion.ac.hmc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Jun 1999 brooks@one-eyed-alien.net wrote: > Hi, > > I've been doing some work which caused me to want to write a simple > userland bridging/filtering program (don't ask ;-). The easy way to do it > seemed to be to use BPF to read and write the packets one each side. I > wrote something up in a few hundred lines of code which worked (mostly) as > long as no one did much broadcast and I threw away multicast packets. > After some searching I found a refrence in libnet (ports/net/libnet) which > said the problem was that while BPF takes a whole packet and claims to > write it to the wire, it actually ignores the source address and uses the > one assigned to the card. They had an LKM which fixed the problem, but it > was based on a mid-1997 version of net/if_ethersubr.c from 2.2.x and had a > number of things commented out that probably shouldn't have been. > > I've taken the key lines from the LKM and produced a patch which adds > optional support for for spoofing the source address of certain ethernet > packets. It's a compile time option and is controled by a sysctl which > defaults to off and doesn't work in secure mode. The patch is included > below. The diff is against 3.2-STABLE as of a couple weeks ago and it > looks like part of it may have to be applyed by hand on -current. > > Please let me know what you think. I filed a kernel bug report about this early this year. This is a bug in the BPF implementation on FreeBSD (at least this was the consensus of those who reacted when I posted about it). If you look in the gnats pages you'll find my report and a patch to fix bpf. I don't remember the code well enough to envision what your patch does, but you might want to look over mine just to see what I did (it didn't look to me like you fixed bpf, but maybe I'm missing that). -Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.10.9906170638260.29737-100000>