lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Sat, 25 Apr 2009 15:05:58 -0300
From:	Sergio Luis <eeeesti@...il.com>
To:	nbj <niraj.b.jain@...il.com>
Cc:	linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: Query regarding IPv6 stack modification

On Sat, Apr 25, 2009 at 11:27 AM, nbj <niraj.b.jain@...il.com> wrote:
>
> I am facing a strange problem when adding a module in the ipv6 stack. (This
> is a part of my project on IPv4 to IPv6 Gateway)
> Here is the description:
>
> Whenever the IPv6 machine intends to communicate with an IPv4 machine, an
> extension header is being added(which contains the IPv4 address) and the
> destination address in the packet is replaced by the address of the gateway.
> This is done by modifying the address in the sk_buff structure.
> On receiving a packet from this gateway, I check for the presence of the
> extension header. If present, the IPv4 address is extracted from it and the
> source address (that of the gateway) replaced by the mapped address of the
> v4 machine.
>
> Changes have been made in the following functions for the purpose:
>
> ip6_xmit & ip6_push_pending_frames: These functions are called in the
> transmit path of the packet. These functions are used by TCP and UDP/ICMP
> respectively to serve similar purpose.
> --I am adding my own extension header (called SHIM header) in the packet at
> this point. This is done by making changes in the "ipv6_txoptions" structure
> to add another field for my custom extension header. I am adding the IP
> address of the IPv4 host in the extension header (this will be used by the
> translator).
> --After adding this extension header, I am replacing the destination address
> in sk_buff with the translator's address.
>
> ip6_input_finish:- This function is called in the receive path of the
> packet. It calls the protocol handler for all the extension headers and the
> higher layer protocol.
> --I have written a handler for our custom header (SHIM) which gets called
> here whenever the packet contains one. This handler replaces the source
> address (which would be that of the translator) with the mapped address of
> the IPv4 host as extracted from the SHIM header.
>
> Using the above, I have tested TCP, UDP and ICMP applications. For UDP and
> ICMP (ping) applications, everything works as expected. i.e., the
> applications uses mapped addresses for the IPv4 hosts and the actual
> communication happens with the translator's address.
> For TCP however it failed in the following scenario:
> I have apache server running on the IPv6 host and IPv4 host trying to access
> a web page (using mozilla). Initially the IPv4 host is able to access data
> from the web server. But when a FIN-ACK is sent from the TCP server and a
> FIN-ACK is obtained from the client, the IPv6 machine hangs.
> (I also tried testing this using some simple client-server socket program.
> In that case, everything works fine)
>
> --
> View this message in context: http://www.nabble.com/Query-regarding-IPv6-stack-modification-tp23232689p23232689.html
> Sent from the linux-kernel mailing list archive at Nabble.com.
>

CC'ing netdev.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ