bin/171279: bsnmpd can reply from other address

2012-09-03 Thread Konstantin Kukushkin

Number: 171279
Category:   bin
Synopsis:   bsnmpd can reply from other address
Confidential:   no
Severity:   serious
Priority:   medium
Responsible:freebsd-bugs
State:  open
Quarter:
Keywords:   
Date-Required:
Class:  sw-bug
Submitter-Id:   current-users
Arrival-Date:   Mon Sep 03 14:50:04 UTC 2012
Closed-Date:
Last-Modified:
Originator: Konstantin Kukushkin
Release:FreeBSD 9.0-STABLE amd64
Organization:
Rambler Internet Holding, LLC
Environment:
System: FreeBSD vpn1-m1.rambler.ru 9.0-STABLE FreeBSD 9.0-STABLE #2 r231584M: 
Mon Feb 13 18:24:25 MSK 2012 
gleb...@vpn1-m1.rambler.ru:/usr/obj/usr/home/glebius/9/sys/VPN amd64

Description:
By default bsnmpd listens on INADDR_ANY, and on a multihomed system the daemon 
can receive queries to some addresses.
When replying to a query, bsnmpd simply uses sendto(), so the OS builds the 
response datagram with the source IP nearest to the sender, which may not be 
equal to the destination IP of the original query.
This is OK for net-snmp utils like snmpget & snmpwalk, but it can't work with 
stateful firewalls like ipfw(4) or pf(4).

Please fix it.

How-To-Repeat:
I used the multihomed host vpn1-m1:
[pts/2] dark@vpn1-m1:~ ( ifconfig bge0 inet ; ifconfig lo0 inet )|grep inet
inet 81.19.94.147 netmask 0xfff8 broadcast 81.19.94.151
inet 127.0.0.1 netmask 0xff00 
inet 81.19.64.133 netmask 0x 
inet 81.19.79.1 netmask 0x 
with ``onestarted`` bsnmpd:
[pts/2] dark@vpn1-m1:~ sudo /etc/rc.d/bsnmpd onestart
Starting bsnmpd.
[pts/2] dark@vpn1-m1:~ sockstat | grep 'bsnmpd.*161'
root bsnmpd 38365 6  udp4   *:161 *:*

and another host to query an address routed to vpn1-m1:
[pts/53] dark@dark:~ ifconfig re0 inet|grep inet
inet 81.19.64.109 netmask 0xffe0 broadcast 81.19.64.127

[pts/53] dark@dark:~ snmpget -v 2c -c public 81.19.64.133 sysDescr.0
Timeout: No Response from 81.19.64.133.

tcpdump on the multihomed host shows that bsnmpd replies from a source other 
than the query destination:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bge0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:17:16.007788 IP 81.19.64.109.60689 > 81.19.64.133.161:  GetRequest(28)  .1.3.6.1.2.1.1.1.0
15:17:16.008005 IP 81.19.94.147.161 > 81.19.64.109.60689:  GetResponse(76)  .1.3.6.1.2.1.1.1.0=vpn1-m1.rambler.ru 4212937669 FreeBSD 9.0-STABLE
Fix:

Other UDP servers like named try to create listening sockets bind()'ed to 
addresses from getifaddrs() output, not INADDR_ANY. When the daemon receives a 
query on a bind()'ed socket, it knows which address the query was sent to and 
can reply correctly.
Unfortunately I don't know any other mechanism for getting the datagram 
destination address in FreeBSD; in Linux there is the 'IP_PKTINFO' socket 
option for this.
Release-Note:
Audit-Trail:
Unformatted:
___
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to freebsd-bugs-unsubscr...@freebsd.org
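
The report above contrasts per-address bind() with learning a datagram's destination address from the kernel. The following is an added example, not bsnmpd code and not part of the report: a wildcard-bound UDP socket that reads the destination address from recvmsg() ancillary data and pins it as the reply source with sendmsg(), using IP_PKTINFO on Linux and, as an assumption about the build host, IP_RECVDSTADDR/IP_SENDSRCADDR as documented in FreeBSD's ip(4). The names answer_from_dst, demo_reply_source, pkt_t and ctl_t are illustrative.

```c
#define _GNU_SOURCE     /* added example, not bsnmpd code; exposes struct in_pktinfo on glibc */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#ifdef IP_SENDSRCADDR   /* FreeBSD ip(4): the ancillary payload is a bare struct in_addr */
typedef struct in_addr pkt_t;
enum { OPT_RECV = IP_RECVDSTADDR, OPT_SEND = IP_SENDSRCADDR };
#define ADDR(p) (p)
#else                   /* Linux ip(7): the ancillary payload is struct in_pktinfo */
typedef struct in_pktinfo pkt_t;
enum { OPT_RECV = IP_PKTINFO, OPT_SEND = IP_PKTINFO };
#define ADDR(p) ((p).ipi_spec_dst)   /* local address the packet arrived on */
#endif
typedef union { char b[CMSG_SPACE(sizeof(pkt_t))]; struct cmsghdr align; } ctl_t;
/* Receive one datagram on s and echo it back from the address it was sent to (*dst). */
ssize_t answer_from_dst(int s, struct in_addr *dst) {
    char buf[512]; ctl_t c; pkt_t p; struct sockaddr_in peer; struct cmsghdr *h;
    struct iovec iov = { buf, sizeof buf };
    struct msghdr m = { .msg_name = &peer, .msg_namelen = sizeof peer, .msg_iov = &iov,
                        .msg_iovlen = 1, .msg_control = c.b, .msg_controllen = sizeof c.b };
    ssize_t n = recvmsg(s, &m, 0);
    if (n < 0) return n;
    memset(&p, 0, sizeof p);                 /* stays 0.0.0.0 if no ancillary data came back */
    for (h = CMSG_FIRSTHDR(&m); h; h = CMSG_NXTHDR(&m, h))
        if (h->cmsg_level == IPPROTO_IP && h->cmsg_type == OPT_RECV)
            memcpy(&p, CMSG_DATA(h), sizeof p);
    *dst = ADDR(p);     /* a real daemon builds its response here, then pins *dst as source */
    memset(&c, 0, sizeof c); memset(&p, 0, sizeof p); ADDR(p) = *dst;
    iov.iov_len = (size_t)n; m.msg_controllen = sizeof c.b; h = CMSG_FIRSTHDR(&m);
    h->cmsg_level = IPPROTO_IP; h->cmsg_type = OPT_SEND; h->cmsg_len = CMSG_LEN(sizeof p);
    memcpy(CMSG_DATA(h), &p, sizeof p);
    return sendmsg(s, &m, 0);
}

/* Loopback demo: query a wildcard-bound server at dst_ip; return the source of its reply. */
in_addr_t demo_reply_source(const char *dst_ip) {
    int on = 1, srv = socket(AF_INET, SOCK_DGRAM, 0), cli = socket(AF_INET, SOCK_DGRAM, 0);
    struct sockaddr_in a = { .sin_family = AF_INET }, from; struct in_addr dst;
    socklen_t l = sizeof a; char buf[16];
    bind(srv, (struct sockaddr *)&a, sizeof a);              /* 0.0.0.0, kernel-chosen port */
    setsockopt(srv, IPPROTO_IP, OPT_RECV, &on, sizeof on);   /* ask for destination addresses */
    getsockname(srv, (struct sockaddr *)&a, &l); a.sin_addr.s_addr = inet_addr(dst_ip);
    int ok = sendto(cli, "q", 1, 0, (struct sockaddr *)&a, sizeof a) == 1 &&
             answer_from_dst(srv, &dst) == 1 &&
             recvfrom(cli, buf, sizeof buf, 0, (struct sockaddr *)&from, &l) == 1;
    close(srv); close(cli);
    return ok ? from.sin_addr.s_addr : INADDR_NONE;
}
```

Call demo_reply_source() with any address configured on the host; 127.0.0.2 works on Linux, where all of 127.0.0.0/8 is local. A stateful firewall sees the reply as the reverse of the query's address pair only when the returned source equals the queried address.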


kern/150858: GEOM_LABEL is not compatible with newfs -r flag

2010-09-22 Thread Konstantin Kukushkin

Number: 150858
Category:   kern
Synopsis:   GEOM_LABEL is not compatible with newfs -r flag
Confidential:   no
Severity:   non-critical
Priority:   medium
Responsible:freebsd-bugs
State:  open
Quarter:
Keywords:   
Date-Required:
Class:  sw-bug
Submitter-Id:   current-users
Arrival-Date:   Wed Sep 22 12:00:12 UTC 2010
Closed-Date:
Last-Modified:
Originator: Konstantin Kukushkin
Release:8.1-STABLE
Organization:
Rambler
Environment:
FreeBSD dash.local 8.1-STABLE FreeBSD 8.1-STABLE #0: Wed Sep 22 13:18:16 MSD 
2010 r...@dash.local:/var/tmp/obj/usr/src/sys/EEE8  i386
Description:
For any provider, GEOM_LABEL strictly checks that the UFS occupies all of its
space. But the filesystem can be smaller if newfs(8) was run with the
-r flag. So GEOM_LABEL is not compatible with the newfs -r flag.

When the check is more permissive (as in the attached patch), everything works OK:
[pts/0] r...@dash:/usr/home/dark# uname -rp
8.1-STABLE i386
[pts/0] r...@dash:/usr/home/dark# ll /dev/ufsid/
total 0
crw-r-  1 root  operator0,  93 22 сен 17:24 4992d90831a79611
[pts/0] r...@dash:/usr/home/dark# mdconfig -s 32m
md0
[pts/0] r...@dash:/usr/home/dark# newfs -r 4 -U /dev/md0
/dev/md0: 32.0MB (65532 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 8.00MB, 512 blks, 1024 inodes.
with soft updates
super-block backups (for fsck -b #) at:
 160, 16544, 32928, 49312
[pts/0] r...@dash:/usr/home/dark# ll /dev/ufsid/
total 0
crw-r-  1 root  operator0,  93 22 сен 17:24 4992d90831a79611
crw-r-  1 root  operator0, 118 22 сен 13:38 4c99ce860db39b88
[pts/0] r...@dash:/usr/home/dark# glabel status
  Name  Status  Components
  ntfs/sys N/A  ada0s1
   msdosfs/SYS N/A  ada0s2
  msdosfs/BIOS N/A  ada0s3
  ntfs/BIG N/A  ada1s2
ufsid/4992d90831a79611 N/A  ada1s1a
ufsid/4c99ce860db39b88 N/A  md0 
How-To-Repeat:
radius# uname -rp
8.1-20100726-SNAP i386
radius# ll /dev/ufsid/
total 0
crw-r-  1 root  operator0,  98 21 сен 22:01 4c98f1c148b0469b
crw-r-  1 root  operator0,  99 21 сен 22:01 4c98f1c978a6bb52
radius# mdconfig -s 32m
md0
radius# newfs -r 4 -U /dev/md0
/dev/md0: 32.0MB (65532 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 8.00MB, 512 blks, 1024 inodes.
with soft updates
super-block backups (for fsck -b #) at:
 160, 16544, 32928, 49312
radius# ll /dev/ufsid/
total 0
crw-r-  1 root  operator0,  98 21 сен 22:01 4c98f1c148b0469b
crw-r-  1 root  operator0,  99 21 сен 22:01 4c98f1c978a6bb52
radius# glabel status
  Name  Status  Components
ufsid/4c98f1c148b0469b N/A  ada2d
ufsid/4c98f1c978a6bb52 N/A  ada3d
Fix:
Use attached patch.

Patch attached with submission follows:

--- /sys/geom/label/g_label_ufs.c.orig  2010-07-11 23:06:52.0 +0400
+++ /sys/geom/label/g_label_ufs.c   2010-09-22 12:21:23.0 +0400
@@ -83,10 +83,10 @@
continue;
/* Check for magic and make sure things are the right size */
if (fs-fs_magic == FS_UFS1_MAGIC  fs-fs_fsize  0 
-   pp-mediasize / fs-fs_fsize == fs-fs_old_size) {
+   pp-mediasize / fs-fs_fsize = fs-fs_old_size) {
/* Valid UFS1. */
} else if (fs-fs_magic == FS_UFS2_MAGIC  fs-fs_fsize  0 
-   pp-mediasize / fs-fs_fsize == fs-fs_size) {
+   pp-mediasize / fs-fs_fsize = fs-fs_size) {
/* Valid UFS2. */
} else {
g_free(fs);
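Review bot: The relaxed size comparison on both added lines (the UFS1 test against fs_old_size and the UFS2 test against fs_size) accepts any provider larger than the filesystem, not only one left short by newfs -r. A larger provider that merely begins at the same offset as the one holding the filesystem, or one carrying a stale superblock from an earlier, smaller filesystem, would now also pass as "Valid UFS1"/"Valid UFS2" and be given the same ufsid label. Consider keeping the exact match and accepting one additional exact value recorded at newfs time, for example the provider size if the superblock stores it (struct fs has an fs_providersize field), so the -r case matches without opening the check to every larger provider. Also, the operator on the added lines reads as a bare "=" in this archived copy while the description implies ">="; confirm against the attached file before applying.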


Release-Note:
Audit-Trail:
Unformatted: