Subject: How to fix packet destination address before RFC1122 dropping takes place?
To: None <tech-net@netbsd.org>
From: Paulo Matias <syscoder@gmail.com>
List: tech-net
Date: 07/06/2007 16:04:56
Hi,

I own a mobile phone that connects to my computer via PPP, but its IP
stack is broken, so it sends me packets with "127.0.0.1" as
destination address, although I setup PPP this way: "pppd /dev/ttyU0
115200 10.0.0.1:10.0.0.2 netmask 255.0.0.0 noauth silent local
persist"

As I can't fix it in the device, I must fix the destination address of
the packets at the computer, but I don't know the best way to do this
under NetBSD.

Under Linux, I could do it using an iptables rule: "iptables -t nat -A
PREROUTING -d 127.0.0.1 -i ppp0 -j DNAT --to 10.0.0.1".

But under NetBSD (and under OpenBSD and FreeBSD too), perhaps dropping
takes place before ipf/pf can change its destination address.

At sys/net_inet/ip_input.c line 553, the packet is dropped:

	/* 127/8 must not appear on wire - RFC1122 */
	if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
	    (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {


But only at line 651 the pfil hooks run:

		if (pfil_run_hooks(&inet_pfil_hook, &m, m->m_pkthdr.rcvif,
		    PFIL_IN) != 0)


There is any way I can fix this destination address before packets are
dropped (without changing kernel source code)?

There is a simpler solution than capturing the packets via bpf,
changing their destination manually at an userspace program, then
sending them to a TUN interface?


Thanks,
Paulo Matias