Hi networky people, I'm not sure if this was deliberate or if it's a bug.
If you create a raw IP socket, turn on IP_HDRINCL and SO_DONTROUTE, and then use sendto(2) to send a packet, the destination address provided to sendto(2) is ignored; instead, the destination is taken from the packet's ip_dst field. It looks like this happens because rip_output calls ip_output with a NULL value for ro, prompting ip_output to look up the destination from the IP packet, rather than the destination passed to sendto (which never made its way out of rip_output). I tripped over this because I was trying to have a userland process which routes (some) packets differently from how the routing tables specify; but my "no really, go out THAT interface" wasn't being respected. :-( (Full background: I want to make a transparent proxy which intercepts outgoing connections to 169.254.169.254, allowing some of them through and redirecting others for special handling. I created a tun which outgoing packets get routed into; but I ran into problems when I wanted to forward some of the packets out of the external interface since they ignored my attempts to route them and came straight back into the tun instead.) -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
