[src/trunk]: src/sys/external/bsd/ipf/netinet Conform to RFC 3128 by dropping...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/230deb335460
branches:  trunk
changeset: 452303:230deb335460
user:      christos <christos%NetBSD.org@localhost>
date:      Wed Jun 26 15:31:17 2019 +0000

description:
Conform to RFC 3128 by dropping TCP fragments with offset = 1.
In addition to dropping these fragments, add a DTrace probe to allow
for more detailed monitoring and diagnosis if required.
>From FreeBSD r349399, reported vy Cy Schubert

diffstat:

 sys/external/bsd/ipf/netinet/fil.c |  8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diffs (29 lines):

diff -r 4cfe5edc0138 -r 230deb335460 sys/external/bsd/ipf/netinet/fil.c
--- a/sys/external/bsd/ipf/netinet/fil.c        Wed Jun 26 15:26:57 2019 +0000
+++ b/sys/external/bsd/ipf/netinet/fil.c        Wed Jun 26 15:31:17 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: fil.c,v 1.27 2019/06/26 15:26:57 christos Exp $        */
+/*     $NetBSD: fil.c,v 1.28 2019/06/26 15:31:17 christos Exp $        */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -141,7 +141,7 @@
 #if !defined(lint)
 #if defined(__NetBSD__)
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: fil.c,v 1.27 2019/06/26 15:26:57 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: fil.c,v 1.28 2019/06/26 15:31:17 christos Exp $");
 #else
 static const char sccsid[] = "@(#)fil.c        1.36 6/5/96 (C) 1993-2000 Darren Reed";
 static const char rcsid[] = "@(#)Id: fil.c,v 1.1.1.2 2012/07/22 13:45:07 darrenr Exp $";
@@ -1721,6 +1721,10 @@
         * calculate the byte offset that it represents.
         */
        off &= IP_MF|IP_OFFMASK;
+       if (off == 1 && p == IPPROTO_TCP) {
+               fin->fin_flx |= FI_SHORT;       /* RFC 3128 */
+               DT1(ipf_fi_tcp_frag_off_1, fr_info_t *, fin);
+       }
        if (off != 0) {
                int morefrag = off & IP_MF;