From nobody@FreeBSD.org  Tue Oct 24 12:23:02 2006
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2F40D16A501
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 24 Oct 2006 12:23:02 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D42BD43D75
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 24 Oct 2006 12:21:17 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k9OCKoJZ004034
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 24 Oct 2006 12:20:50 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id k9OCKoKo004032;
	Tue, 24 Oct 2006 12:20:50 GMT
	(envelope-from nobody)
Message-Id: <200610241220.k9OCKoKo004032@www.freebsd.org>
Date: Tue, 24 Oct 2006 12:20:50 GMT
From: Rostislav Krasny<rosti.bsd@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [PATCH] 'traceroute -e -P TCP' cannot work through a router which does NAT by PF
X-Send-Pr-Version: www-3.0

>Number:         104746
>Category:       bin
>Synopsis:       [patch] traceroute(8): 'traceroute -e -P TCP' cannot work through a router which does NAT by PF
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 24 12:30:22 GMT 2006
>Closed-Date:    
>Last-Modified:  Mon Dec 29 18:21:10 UTC 2008
>Originator:     Rostislav Krasny
>Release:        6.2-PRERELEASE
>Organization:
>Environment:
FreeBSD saturn.lan 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sat Oct 21 22:50:39 IST 2006     root@saturn.lan:/usr/obj/usr/src/sys/MYKERNEL  i386
>Description:
> traceroute -nq 1 -e -P TCP -p 80 216.136.204.117
traceroute to 216.136.204.117 (216.136.204.117), 64 hops max, 52 bytepackets
 1  192.168.1.1  0.619 ms
 2  10.0.0.138  2.108 ms
 3  192.168.1.1  0.481 ms !H

Also, read following discussion:

http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011382.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011397.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011401.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-August/011409.html
http://lists.freebsd.org/pipermail/freebsd-net/2006-October/012136.html
>How-To-Repeat:
See the above description
>Fix:
--- traceroute.c.orig	Fri Aug 18 18:52:57 2006
+++ traceroute.c	Sat Oct 14 18:49:11 2006
@@ -721,7 +721,8 @@ main(int argc, char **argv)
 		outip->ip_dst = to->sin_addr;
 
 	outip->ip_hl = (outp - (u_char *)outip) >> 2;
-	ident = (getpid() & 0xffff) | 0x8000;
+	ident = getpid();
+	ident = ((ident << CHAR_BIT) | (ident >> CHAR_BIT) & 0xffff) | 0x8000;
 
 	if (pe == NULL) {
 		Fprintf(stderr, "%s: unknown protocol %s\n", prog, cp);
@@ -1355,7 +1356,7 @@ tcp_prep(struct outdata *outdata)
 {
 	struct tcphdr *const tcp = (struct tcphdr *) outp;
 
-	tcp->th_sport = htons(ident);
+	tcp->th_sport = htons(ident + (fixedPort ? outdata->seq : 0));
 	tcp->th_dport = htons(port + (fixedPort ? 0 : outdata->seq));
 	tcp->th_seq = (tcp->th_sport << 16) | (tcp->th_dport +
 	    (fixedPort ? outdata->seq : 0));
@@ -1375,9 +1376,10 @@ tcp_check(const u_char *data, int seq)
 {
 	struct tcphdr *const tcp = (struct tcphdr *) data;
 
-	return (ntohs(tcp->th_sport) == ident
+	return (ntohs(tcp->th_sport) == ident + (fixedPort ? seq : 0)
 	    && ntohs(tcp->th_dport) == port + (fixedPort ? 0 : seq))
-	    && tcp->th_seq == (ident << 16) | (port + seq);
+	    && tcp->th_seq == (tcp->th_sport << 16) |
+		(port + (fixedPort ? seq : 0));
 }
 
 void


>Release-Note:
>Audit-Trail:
>Unformatted:
