NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/38388: ipnat won't let GRE get redirected



>Number:         38388
>Category:       kern
>Synopsis:       ipnat won't let GRE get redirected
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Apr 08 21:55:00 +0000 2008
>Originator:     Quentin Garnier
>Release:        NetBSD 4.0
>Organization:
        NetBSD
>Environment:
NetBSD/i386
>Description:
        ipnat will drop incoming GRE packets if you try to redirect that
        protocol.

        Also, the PPTP proxy (undocumented of course) doesn't work.
        Maybe that's worth another PR, maybe not.
>How-To-Repeat:
        Redirect GRE in any way, specifically or not.

        E.g.:

                rdr on iface external/32 -> internal/32 gre
        or even
                rdr on iface external/32 -> internal/32

        And note that protocol 47 doesn't get through.  With the second
        line, protocol 46 and 48 do get through.
>Fix:
        Remove all the remaining references to IPPROTO_GRE in the code of
        ipfilter does solve the issue (but does not make the pptp proxy
        work of course).
        A lot of them are already commented out.  I'm not sure exactly
        which of the remaining ones is the culprit, but commenting them
        all out was enough for me.



Home | Main Index | Thread Index | Old Index