Bug 17552

Summary: Documentation error in divert(4)
Product: Documentation Reporter: sam <sam>
Component: Books & ArticlesAssignee: freebsd-doc (Nobody) <doc>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description sam 2000-03-22 17:40:01 UTC 
When developing an toy application using divert(4), I was surprised to see
that it was working only if the PF_INET/SOCK_RAW/IPPROTO_DIVERT socket,
at bind() time, has a *valid* interface address (such as INADDR_ANY).

divert(4) manpage says:

                                                                   The IP ad-
     dress in the bind is ignored; only the port number is significant.  A di-
     vert socket bound to a divert port will receive all packets diverted to
     that port by some (here unspecified) kernel mechanism(s).

This is false, as the bind() operation for a divert socket will call
in_pcbbind() which makes use of the interface address.

Fix: 

Two possible immediate fixes:

  (1) Doc fix: change divert(4) manpage

  (2) Code fix: when entering div_bind, change the nam->sin_addr field
      if nam->sin_family is AF_INET so that it contains INADDR_ANY. It may
      break things that would depend on the fact that a diverted socket
      can be bound to a particular interface though (natd does use
      INADDR_ANY explicitely).
How-To-Repeat: 
Build a PF_INET/SOCK_RAW/IPPROTO_DIVERT socket, bind it with a sockaddr_in
structure which has an invalid sin_addr field. Diverted packets will not be
available on the socket and will be silently dropped by the kernel as if
no diverted socket was listening.
Comment 1 nik freebsd_committer freebsd_triage 2000-04-30 15:39:40 UTC 
On Wed, Mar 22, 2000 at 06:13:51PM +0100, sam@enst.fr wrote:
> >Fix:
> 
> Two possible immediate fixes:
> 
>   (1) Doc fix: change divert(4) manpage
> 
>   (2) Code fix: when entering div_bind, change the nam->sin_addr field
>       if nam->sin_family is AF_INET so that it contains INADDR_ANY. It may
>       break things that would depend on the fact that a diverted socket
>       can be bound to a particular interface though (natd does use
>       INADDR_ANY explicitely).

According to Brian and Paul (who are sat next to me on the train back
from a UK Newcastle meet) this really needs a code change rather than a
doc change.  So I'm following up to this in order to remind me to 
reassign this PR to the appropriate people when I get IP connectivity
back. . .

N
-- 
Internet connection, $19.95 a month.  Computer, $799.95.  Modem, $149.95.
Telephone line, $24.95 a month.  Software, free.  USENET transmission,
hundreds if not thousands of dollars.  Thinking before posting, priceless.
Somethings in life you can't buy.  For everything else, there's MasterCard.
  -- Graham Reed, in the Scary Devil Monastery
Comment 2 Paul Richards freebsd_committer freebsd_triage 2000-05-03 01:24:59 UTC 
State Changed
From-To: open->closed

The problem was a code error which has now been fixed.