netbsd-bugs: Re: kern/18517

Subject: Re: kern/18517
To: None <darrenr@netbsd.org, gnats-admin@netbsd.org,>
From: Tero Kivinen <kivinen@iki.fi>
List: netbsd-bugs
Date: 11/03/2005 11:51:07
The following reply was made to PR kern/18517; it has been noted by GNATS.

From: Tero Kivinen <kivinen@iki.fi>
To: gnats-bugs@netbsd.org (NetBSD Problem Report DB Administrator)
Cc: 
Subject: Re: kern/18517
Date: Thu, 3 Nov 2005 13:50:39 +0200

 I checked the situation again now with NetBSD 2.0.2 kernel (IP numbers
 and architecture has changed since last time, but config is still same):
 
 NetBSD fireball.kivinen.iki.fi 2.0.2 NetBSD 2.0.2 (FIREBALL) #3: Sat Aug 13 22:52:00 EEST 2005  root@fireball.kivinen.iki.fi:/usr/src/sys/arch/amd64/compile/FIREBALL amd64
 
 Both of the cases still work incorrectluy. The return-rst case:
 
 block return-rst in log proto tcp from any to any flags S/SA group 100
 
 sends out invalid TCP checksums:
 
 13:31:57.585565 0:30:b6:6a:c8:0 0:30:48:82:ec:2c 0800 64: 83.145.195.7.25 > 212.16.98.49.52291: R [bad tcp cksum 11ac!] 0:0(0) ack 2115730265 win 32768 (DF) (ttl 60, id 45494, len 40)
 0x0000   4500 0028 b1b6 4000 3c06 403f 5391 c307        E..(..@.<.@?S...
 0x0010   d410 6231 0019 cc43 0000 0000 7e1b 7b59        ..b1...C....~.{Y
 0x0020   5014 8000 7112 0000 0000 0000 0000 125a        P...q..........Z
 0x0030   623c                                           b<
 
 The host-unreachable case:
 
 block return-icmp(host-unr) in log proto tcp from any to any flags S/SA group 100 
 
 Still returns wrong ICMP checksum, and wrong host IP-address inside
 the ICMP packet, wrong IP-address inside the contained TCP packet
 inside the ICMP packet, and few other bad checksums.
 
 13:44:37.360118 0:1:2:b3:bd:74 0:13:60:ae:db:40 0800 78: 83.145.195.1 > 212.16.98.49: icmp: host 192.168.2.2 unreachable (wrong icmp csum) for 212.16.98.49 > 192.168.2.2: tcp (frag 25539:15340@512) (ttl 61, len 15360, bad cksum 8d1e (->ffffa2c7)!) (DF) (ttl 64, id 51382, len 64, bad cksum 0 (->ffffcddb)!)
 0x0000   4500 0040 c8b6 4000 4001 0000 5391 c301        E..@..@.@...S...
 0x0010   d410 6231 0301 5ed8 9f88 169d 4500 3c00        ..b1..^.....E.<.
 0x0020   63c3 0040 3d06 8d1e d410 6231 c0a8 0202        c..@=.....b1....
 0x0030   fe59 0019 1e62 2316 710a 915d d2c6 2758        .Y...b#.q..]..'X
 -- 
 kivinen@safenet-inc.com