mirror of
https://github.com/sheumann/hush.git
synced 2024-12-22 14:30:31 +00:00
4d5acd2d42
The ICMP RFC says that identifier and sequence number may be zero. Having them zero for a Echo message, along with a data of zero's as well will result in a Echo reply message with only zero's. Some NAT implementations seem to get the checksum wrong on these packages. Setting a checksum of 0x0 instead of 0xffff. Through NAT: Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 Checksum: 0x0000 [incorrect, should be 0xffff] Identifier (BE): 0 (0x0000) Identifier (LE): 0 (0x0000) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) Data: 000000000000000000000000000000000000000000000000... [Length: 56] Without NAT: Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 Checksum: 0xffff [correct] Identifier (BE): 0 (0x0000) Identifier (LE): 0 (0x0000) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) [Request frame: 189] [Response time: 0.024 ms] Data (56 bytes) Data: 000000000000000000000000000000000000000000000000... [Length: 56] And this in turn will make some hardware MAC checksum offloading engines drop the packet. (This was seen with a Synopsis MAC, the same one used in for instance the stmmac Ethernet driver in the linux kernel.) This change can be seen as a workaround for bugs in other layers. But just setting an identifier for the Echo message packet will avoid prodding the hornets nest. function old new delta common_ping_main 424 500 +76 Signed-off-by: Jonas Danielsson <jonasdn@axis.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> |
||
---|---|---|
.. | ||
libiproute | ||
ssl_helper | ||
ssl_helper-wolfssl | ||
udhcp | ||
arp.c | ||
arping.c | ||
brctl.c | ||
Config.src | ||
dnsd.c | ||
ether-wake.c | ||
ftpd.c | ||
ftpgetput.c | ||
hostname.c | ||
httpd_indexcgi.c | ||
httpd_post_upload.txt | ||
httpd_ssi.c | ||
httpd.c | ||
ifconfig.c | ||
ifenslave.c | ||
ifplugd.c | ||
ifupdown.c | ||
inetd.c | ||
interface.c | ||
ip.c | ||
ipcalc.c | ||
isrv_identd.c | ||
isrv.c | ||
isrv.h | ||
Kbuild.src | ||
nameif.c | ||
nbd-client.c | ||
nc_bloaty.c | ||
nc.c | ||
netstat.c | ||
nslookup.c | ||
ntpd.c | ||
ntpd.diff | ||
ping.c | ||
pscan.c | ||
route.c | ||
slattach.c | ||
tc.c | ||
tcpudp_perhost.c | ||
tcpudp_perhost.h | ||
tcpudp.c | ||
telnet.c | ||
telnetd.c | ||
telnetd.ctrlSQ.patch | ||
tftp.c | ||
traceroute.c | ||
tunctl.c | ||
vconfig.c | ||
wget.c | ||
whois.c | ||
zcip.c |