Hi Daniel, the problem is back...


Any more ideas?



Cheers,


CH

On Oct 10, 2003, at 2:01 PM, Colin Harford wrote:

Patch has applied cleanly,

I rebuilt the entire world, then disabled and re-enabled pf.

Will let you know if this has corrected the problem. I see you've already committed the change.


Thanks,


CH


On Oct 10, 2003, at 1:12 AM, Daniel Hartmeier wrote:


On Thu, Oct 09, 2003 at 12:28:02PM -0600, Colin Harford wrote:

it is a recent kernel from 7 days ago...

Looks like it was introduced with pf.c 1.391 (post-3.4 -current), and the patch below should fix it. Certain invalid packets would trigger uninitialized values to get added to byte counters; there's no overwriting or overflow.

Daniel


Index: pf.c =================================================================== RCS file: /cvs/src/sys/net/pf.c,v retrieving revision 1.393 diff -u -r1.393 pf.c --- pf.c 2 Oct 2003 05:47:30 -0000 1.393 +++ pf.c 10 Oct 2003 07:10:30 -0000 @@ -4739,6 +4739,7 @@ panic("non-M_PKTHDR is passed to pf_test"); #endif

+       memset(&pd, 0, sizeof(pd));
        if (m->m_pkthdr.len < (int)sizeof(*h)) {
                action = PF_DROP;
                REASON_SET(&reason, PFRES_SHORT);
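Review bot: the memset added above the m->m_pkthdr.len check has no comment saying why it must come before the first early exit. The accompanying message explains that invalid packets caused uninitialized values to be added to byte counters, so a one-line comment at this call (for example, that the drop paths still read pd) would keep a later cleanup from moving it back down next to the pd.src assignments.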
@@ -4762,7 +4763,6 @@
                goto done;
        }

-       memset(&pd, 0, sizeof(pd));
        pd.src = (struct pf_addr *)&h->ip_src;
        pd.dst = (struct pf_addr *)&h->ip_dst;
        pd.ip_sum = &h->ip_sum;
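Review bot: the goto done in the context just above the removed memset shows that exits taken before this point used to leave pd unzeroed, and with the call gone from here everything depends on the earlier memset staying ahead of every such exit. Only the lines around the length check are visible in this diff, so it is worth confirming that no goto done in this function sits above the new call site.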
@@ -4981,6 +4981,7 @@
                panic("non-M_PKTHDR is passed to pf_test");
 #endif

+       memset(&pd, 0, sizeof(pd));
        if (m->m_pkthdr.len < (int)sizeof(*h)) {
                action = PF_DROP;
                REASON_SET(&reason, PFRES_SHORT);
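Review bot: this repeats the same one-line move in a second function, so the rule that pd is zeroed before the m->m_pkthdr.len check now has to be maintained by hand in two places. A regression test that feeds each path a packet shorter than sizeof(*h) and checks that the byte counters do not change would catch either copy drifting back.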
@@ -4996,7 +4997,6 @@
        m = *m0;
        h = mtod(m, struct ip6_hdr *);

-       memset(&pd, 0, sizeof(pd));
        pd.src = (struct pf_addr *)&h->ip6_src;
        pd.dst = (struct pf_addr *)&h->ip6_dst;
        pd.ip_sum = NULL;
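Review bot: in the context after the removed memset, pd.ip_sum = NULL sets a field that the earlier memset has already cleared. Keeping it is harmless, but a short comment that the assignment is deliberate for this path (in contrast to pd.ip_sum = &h->ip_sum in the other function) would make clear it is documentation rather than a leftover.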





