subject:"something fishy with portmapper on i386 snapshot\?"

Re: something fishy with portmapper on i386 snapshot?

2014-05-15 Thread Philip Guenther

On Tue, 13 May 2014, Sebastian Reitenbach wrote:
 I've installed a i386 soekris box (10.0.0.27, called wormhole) from 
 current snapshot, and trying to netboot a vax and a sparc, but I guess, 
 they don't get to the bootparamd.

Actually, there's a trick involved and they don't *directly* do so.  
Instead, their request to portmap is a call this proc in this other 
service request, for which portmap relays back the answer.


...
 With tcpdump I've seen, what I guess its getting rarp information 
 correctly, then broadcasting to try to find the bootparamd, the 
 portmapper on my box answers, and then its what I guess trying to 
 contact the bootparamd, but this fails. As I guess, its trying to 
 contact the bootparamd on UDP port 639, but there is nothing listen, 
 bootparamd is listening on UDP 805. Does the portmapper give out the 
 wrong port?
 
 root@wormhole:~# tcpdump -n -i vr0 -e -ttt -vvv -s 2000 -X host 10.0.0.30
 tcpdump: listening on vr0, link-type EN10MB
 May 13 09:01:54.903204 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 8035 42: rarp 
 reply 08:00:2b:2d:33:2c at 10.0.0.30
   : 0800 2b2d 332c  24c9 d498 8035 0001  ..+-3,..$5..
   0010: 0800 0604 0004  24c9 d498 0a00 001b  $...
   0020: 0800 2b2d 332c 0a00 001e ..+-3,
 
 May 13 09:01:54.941453 08:00:2b:2d:33:2c ff:ff:ff:ff:ff:ff 0800 138: 
 10.0.0.30.986  255.255.255.255.111: [udp sum ok] udp 96 (ttl 4, id 0, len 
 124)
   :    0800 2b2d 332c 0800 4500  +-3,..E.
   0010: 007c   0411 ac54 0a00 001e   .|...T..
   0020:  03da 006f 0068 e2d6  0027   .o.h.'..
   0030:   0002 0001 86a0  0002   
   0040: 0005  0001  0014     
   0050:          
   0060:    0001 86ba  0001   
   0070: 0001  0014  0001  000a   
   0080:     001e ..
 
 
 the broadcast to the portmapper

That's the call bootparam's 'whoami' call for me request.  The 0005 at 
offset 040 is PMAPPROC_CALLIT, etc.


 May 13 09:01:54.949153 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 0800 110: 
 10.0.0.27.111  10.0.0.30.986: [bad udp cksum 9f2d!] udp 68 (ttl 64, id 
 49240, len 96, bad cksum 0! differs by a5fc)
   : 0800 2b2d 332c  24c9 d498 0800 4500  ..+-3,..$.E.
   0010: 0060 c058  4011  0a00 001b 0a00  .`.X..@.
   0020: 001e 006f 03da 004c 1496  0027   ...o...L.'..
   0030: 0001         
   0040:   0325  0024  0008 6461  .%...$da
   0050: 6564 616c 7573    0001   edalus..
   0060: 007f      0001   ..
 
 the answer

...from bootparamd, relayed by portmap.  Note that it contains the 
client_name (daedalus) you would expect to get back from bootparamd.  
That's confirmed by the vax boot saying:

 boot: client name: daedalus

One odd bit is that it looks like the router_address is 127.0.0.0, which 
seems odd.  But maybe I'm decoding the RPC by eyeball incorrectly.

More importantly, we can see the correct bootparam port number in 
portmapper's reply: 0x0325 (at offset 0044) == 805.  That value is 
(supposed to be) remember by boot and used as the port to which to send 
the direct bootparam getfile query.


 May 13 09:01:54.980649 08:00:2b:2d:33:2c 00:00:24:c9:d4:98 0800 122: 
 10.0.0.30.985  10.0.0.27.639: [udp sum ok] udp 80 (ttl 4, id 0, len 
 108)

Hmm, could you verify that the VAX boot block you're using was compiled 
with a gcc that was built with miod@'s April 12th fix to 
gnu/usr.bin/gcc/gcc/protector.c ?



Philip Guenther

something fishy with portmapper on i386 snapshot?

2014-05-13 Thread Sebastian Reitenbach

Hi,

I've installed a i386 soekris box (10.0.0.27, called wormhole) from current 
snapshot, 
and trying to netboot a vax and a sparc, but I guess, they don't get to the 
bootparamd.

Here what I see from the vax (10.0.0.30), which loads the boot.mop from mopd 
running on the same
server fine, then in the boot prompt of the boot loader I get:

 boot
Trying BOOTPARAMS
boot: client IP address: 10.0.0.30
boot: client name: daedalus
nfs_open: must mount first.
open bsd: Invalid argument
bsd: boot failed: Invalid argument

This is the configuration on my soekris box with regard to rarpd, bootparamd, 
and nfs server with regard
to the vax (called daedalus) netboot configuration:

# cat /etc/bootparams
daedalusroot=wormhole:/export/vax
# cat /etc/ethers
08:00:2B:2D:33:2C   daedalus
# cat /etc/exports
/export/vax -maproot=root:wheel 10.0.0.30
# rpcinfo -p localhost
   program vers proto   port
102   tcp111  portmapper
102   udp111  portmapper
151   udp663  mountd
153   udp663  mountd
151   tcp702  mountd
153   tcp702  mountd
132   udp   2049  nfs
133   udp   2049  nfs
132   tcp   2049  nfs
133   tcp   2049  nfs
1000261   udp805  bootparam
# showmount -e localhost
Exports list on localhost:
/export/vax10.0.0.30
# ls -l /export/vax/
total 5024
-rw-r--r--  1 sebastia  wheel  2547676 May 11 01:43 bsd
~# ping daedalus
PING daedalus.ds9 (10.0.0.30): 56 data bytes
--- daedalus.ds9 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

With tcpdump I've seen, what I guess its getting rarp information correctly, 
then
broadcasting to try to find the bootparamd, the portmapper on my box answers,
and then its what I guess trying to contact the bootparamd, but this fails.
As I guess, its trying to contact the bootparamd on UDP port 639, but there
is nothing listen, bootparamd is listening on UDP 805. 
Does the portmapper give out the wrong port?

root@wormhole:~# tcpdump -n -i vr0 -e -ttt -vvv -s 2000 -X host 10.0.0.30
tcpdump: listening on vr0, link-type EN10MB
May 13 09:01:54.903204 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 8035 42: rarp reply 
08:00:2b:2d:33:2c at 10.0.0.30
  : 0800 2b2d 332c  24c9 d498 8035 0001  ..+-3,..$5..
  0010: 0800 0604 0004  24c9 d498 0a00 001b  $...
  0020: 0800 2b2d 332c 0a00 001e ..+-3,

May 13 09:01:54.941453 08:00:2b:2d:33:2c ff:ff:ff:ff:ff:ff 0800 138: 
10.0.0.30.986  255.255.255.255.111: [udp sum ok] udp 96 (ttl 4, id 0, len 124)
  :    0800 2b2d 332c 0800 4500  +-3,..E.
  0010: 007c   0411 ac54 0a00 001e   .|...T..
  0020:  03da 006f 0068 e2d6  0027   .o.h.'..
  0030:   0002 0001 86a0  0002   
  0040: 0005  0001  0014     
  0050:          
  0060:    0001 86ba  0001   
  0070: 0001  0014  0001  000a   
  0080:     001e ..


the broadcast to the portmapper

May 13 09:01:54.949153 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 0800 110: 
10.0.0.27.111  10.0.0.30.986: [bad udp cksum 9f2d!] udp 68 (ttl 64, id 49240, 
len 96, bad cksum 0! differs by a5fc)
  : 0800 2b2d 332c  24c9 d498 0800 4500  ..+-3,..$.E.
  0010: 0060 c058  4011  0a00 001b 0a00  .`.X..@.
  0020: 001e 006f 03da 004c 1496  0027   ...o...L.'..
  0030: 0001         
  0040:   0325  0024  0008 6461  .%...$da
  0050: 6564 616c 7573    0001   edalus..
  0060: 007f      0001   ..

the answer

May 13 09:01:54.980649 08:00:2b:2d:33:2c 00:00:24:c9:d4:98 0800 122: 
10.0.0.30.985  10.0.0.27.639: [udp sum ok] udp 80 (ttl 4, id 0, len 108)
  :  24c9 d498 0800 2b2d 332c 0800 4500  ..$.+-3,..E.
  0010: 006c   0411 a249 0a00 001e 0a00  .l...I..
  0020: 001b 03d9 027f 0058 db1a  0028   ...X.(..
  0030:   0002 0001 86ba  0001   
  0040: 0002  0001  0014     
  0050:          
  0060:     0008 6461 6564 616c  ..daedal
  0070: 7573  0004 726f 6f74 usroot

and here I think its trying to contact the bootparamd on the wrong port asking 
for the root device??

May 13 09:01:54.980829 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 0800 70: 10.0.0.27  
10.0.0.30: icmp: 10.0.0.27 udp port 639 unreachable [icmp cksum ok] for 
10.0.0.30.985  10.0.0.27.639: udp 80 (ttl 4, id 0, len 108) (ttl 255, id 
16199, len 56, bad cksum 0! differs by 6845)

Re: something fishy with portmapper on i386 snapshot?

something fishy with portmapper on i386 snapshot?

2 matches

Site Navigation

Mail list logo

Footer information