bugzilla-daemon at bugzilla.netfilter.org
2012-Aug-21 22:43 UTC
[Bug 800] New: sk_buff.transport_header set incorrectly for NF_IP_PRE_ROUTING hook
http://bugzilla.netfilter.org/show_bug.cgi?id=800
Summary: sk_buff.transport_header set incorrectly for
NF_IP_PRE_ROUTING hook
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: netfilter hooks
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: ryan at moreharts.com
Estimated Hours: 0.0
Created attachment 388
--> http://bugzilla.netfilter.org/attachment.cgi?id=388
Example code
While working on a module that uses netfilter, I encountered a situation where
ip_hdr(skb) and tcp_hdr(skb) return the same address (both point to the
beginning of the IP header). This only occurs on packets seen by a
NF_IP_PRE_ROUTING handler. Identical code for a NF_LOCAL_OUT handler behaves as
expected.
The attached code demonstrates a fairly minimal example of this.
Looking into it a bit, skb->transport_header is incorrect, offset just enough
to put it at the IP headers (as expected, given tcp_hdr is simple math). I
didn't explore further to see where else length/offset data was off.
Expected behavior of example code would be for only "inbound not
broken" and
"outbound not broken" to display. Instead, inbound reports as broken,
indicating ip_hdr() and tcp_hdr() are returning the same value. (For double
confirmation, the code confirms that it really does have an IPv4 packet and
that it's
This was done on Ubuntu 12.04 kernel Linux ubuntu 3.2.0-29-generic #46-Ubuntu
SMP Fri Jul 27 17:03:23 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux.
If this is user error, I'd be happy to hear it.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Aug-21 22:44 UTC
[Bug 800] sk_buff.transport_header set incorrectly for NF_IP_PRE_ROUTING hook
http://bugzilla.netfilter.org/show_bug.cgi?id=800 --- Comment #1 from Ryan Morehart <ryan at moreharts.com> 2012-08-22 00:44:35 CEST --- Created attachment 389 --> http://bugzilla.netfilter.org/attachment.cgi?id=389 Makefile Makefile to build/test example code. Assumes code is called "init.c" -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Aug-21 22:45 UTC
[Bug 800] sk_buff.transport_header set incorrectly for NF_IP_PRE_ROUTING hook
http://bugzilla.netfilter.org/show_bug.cgi?id=800
Ryan Morehart <ryan at moreharts.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ryan at moreharts.com
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Aug-27 03:32 UTC
[Bug 800] sk_buff.transport_header set incorrectly for NF_IP_PRE_ROUTING hook
http://bugzilla.netfilter.org/show_bug.cgi?id=800
JamesKing <jinhucn at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jinhucn at gmail.com
OS/Version|Ubuntu |Fedora
--- Comment #2 from JamesKing <jinhucn at gmail.com> 2012-08-27 05:32:52
CEST ---
I have the same problem on my dell laptop vostro 1200 which runs fedora 17
(linux 3.5.2-1.fc17.i686).
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.