Bug 17319

Summary: [PATCH] ipfw logs ICMP and unknown packets, with same src and dest address
Product: Base System Reporter: spock <spock>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description spock 2000-03-11 17:10:01 UTC 
ipfirewall will log packets that are ICMP or unknown ipproto with the 
same source and destination address. For example:

/kernel: ipfw: 271 Deny ICMP:8.0 205.156.51.204 205.156.51.204 in via ed1
/kernel: ipfw: 271 Deny ICMP:8.0 205.156.51.204 205.156.51.204 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1
/kernel: ipfw: 146 Deny P:2 192.168.100.1 192.168.100.1 in via ed1

Fix: The problem is due to incorrect use of inet_ntoa(3).

[sorry, patch might have whitespace errors]



-       len = 0;
        switch (ip->ip_p) {
        case IPPROTO_TCP:
                len = snprintf(SNPARGS(proto, 0), "TCP %s",
@@ -500,12 +499,13 @@
                            icmp->icmp_type, icmp->icmp_code);
                else
                        len = snprintf(SNPARGS(proto, 0), "ICMP ");
-               snprintf(SNPARGS(proto, len), "%s %s", inet_ntoa(ip->ip_src),
-                   inet_ntoa(ip->ip_dst));
+               len += snprintf(SNPARGS(proto, len), "%s", inet_ntoa(ip->ip_src));
+               snprintf(SNPARGS(proto, len), " %s", inet_ntoa(ip->ip_dst));
                break;
        default:
-               snprintf(SNPARGS(proto, 0), "P:%d %s %s", ip->ip_p,
-                   inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst));
+               len = snprintf(SNPARGS(proto, 0), "P:%d %s", ip->ip_p,
+                              inet_ntoa(ip->ip_src));
+               snprintf(SNPARGS(proto, len), " %s", inet_ntoa(ip->ip_dst));
                break;
        }--pZ1Yfl4kUaAaAwZElqZZlztgbGu9b84woJ2RfEZibM2UWohU
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

Index: sys/netinet/ip_fw.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fw.c,v
retrieving revision 1.131
diff -u -r1.131 ip_fw.c
--- ip_fw.c     2000/02/29 17:51:25     1.131
+++ ip_fw.c     2000/03/10 20:04:13
@@ -464,7 +464,6 @@
                }
        }
How-To-Repeat: have ipfw log icmp packets and/or unknown ipproto packets
Comment 1 ru freebsd_committer freebsd_triage 2000-03-14 20:37:00 UTC 
State Changed
From-To: open->closed

Patch committed, thanks!