mirror of
https://github.com/sheumann/hush.git
synced 2024-09-27 06:54:26 +00:00
4d5acd2d42
The ICMP RFC says that identifier and sequence number may be zero.
Having them zero for a Echo message, along with a data of zero's
as well will result in a Echo reply message with only zero's.
Some NAT implementations seem to get the checksum wrong on these
packages. Setting a checksum of 0x0 instead of 0xffff.
Through NAT:
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0x0000 [incorrect, should be 0xffff]
Identifier (BE): 0 (0x0000)
Identifier (LE): 0 (0x0000)
Sequence number (BE): 0 (0x0000)
Sequence number (LE): 0 (0x0000)
Data (56 bytes)
Data: 000000000000000000000000000000000000000000000000...
[Length: 56]
Without NAT:
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0xffff [correct]
Identifier (BE): 0 (0x0000)
Identifier (LE): 0 (0x0000)
Sequence number (BE): 0 (0x0000)
Sequence number (LE): 0 (0x0000)
[Request frame: 189]
[Response time: 0.024 ms]
Data (56 bytes)
Data: 000000000000000000000000000000000000000000000000...
[Length: 56]
And this in turn will make some hardware MAC checksum offloading
engines drop the packet.
(This was seen with a Synopsis MAC, the same one used in for instance the
stmmac Ethernet driver in the linux kernel.)
This change can be seen as a workaround for bugs in other layers.
But just setting an identifier for the Echo message packet will
avoid prodding the hornets nest.
function old new delta
common_ping_main 424 500 +76
Signed-off-by: Jonas Danielsson <jonasdn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
||
|---|---|---|
| .. | ||
| libiproute | ||
| ssl_helper | ||
| ssl_helper-wolfssl | ||
| udhcp | ||
| arp.c | ||
| arping.c | ||
| brctl.c | ||
| Config.src | ||
| dnsd.c | ||
| ether-wake.c | ||
| ftpd.c | ||
| ftpgetput.c | ||
| hostname.c | ||
| httpd_indexcgi.c | ||
| httpd_post_upload.txt | ||
| httpd_ssi.c | ||
| httpd.c | ||
| ifconfig.c | ||
| ifenslave.c | ||
| ifplugd.c | ||
| ifupdown.c | ||
| inetd.c | ||
| interface.c | ||
| ip.c | ||
| ipcalc.c | ||
| isrv_identd.c | ||
| isrv.c | ||
| isrv.h | ||
| Kbuild.src | ||
| nameif.c | ||
| nbd-client.c | ||
| nc_bloaty.c | ||
| nc.c | ||
| netstat.c | ||
| nslookup.c | ||
| ntpd.c | ||
| ntpd.diff | ||
| ping.c | ||
| pscan.c | ||
| route.c | ||
| slattach.c | ||
| tc.c | ||
| tcpudp_perhost.c | ||
| tcpudp_perhost.h | ||
| tcpudp.c | ||
| telnet.c | ||
| telnetd.c | ||
| telnetd.ctrlSQ.patch | ||
| tftp.c | ||
| traceroute.c | ||
| tunctl.c | ||
| vconfig.c | ||
| wget.c | ||
| whois.c | ||
| zcip.c | ||