From klaus@winf.htu.tuwien.ac.at  Sat Jan 27 11:06:28 2001
Return-Path: <klaus@winf.htu.tuwien.ac.at>
Received: from winf.htu.tuwien.ac.at (winf.htu.tuwien.ac.at [128.131.95.2])
	by hub.freebsd.org (Postfix) with ESMTP id CC84437B699
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 27 Jan 2001 11:06:26 -0800 (PST)
Received: by winf.htu.tuwien.ac.at (Postfix, from userid 1001)
	id D0B565D6B; Sat, 27 Jan 2001 20:06:24 +0100 (CET)
Message-Id: <20010127190624.D0B565D6B@winf.htu.tuwien.ac.at>
Date: Sat, 27 Jan 2001 20:06:24 +0100 (CET)
From: klaus@winf.htu.tuwien.ac.at
Reply-To: klaus@winf.htu.tuwien.ac.at
To: FreeBSD-gnats-submit@freebsd.org
Subject: obscure natd(8) error message
X-Send-Pr-Version: 3.2

>Number:         24683
>Category:       bin
>Synopsis:       obscure natd(8) error message
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 27 11:10:04 PST 2001
>Closed-Date:    Tue Feb 27 00:36:03 PST 2001
>Last-Modified:  Tue Feb 27 00:36:47 PST 2001
>Originator:     Klaus A. Brunner
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
HTU Wien, FS WInf
>Environment:

	FreeBSD (any version?) running natd(8)

>Description:

There is a rather annoying problem with natd(8)'s error message
"unable to write packet back (...)". This error message may occur
when a host is down, or when a firewall rule prevents natd from
completing a sendto(). The problem is not that this error message 
exists, but that it does not give *any* detail (_which_ packet, 
addresses?).

The problem is frequently reported on -questions and other lists,
and it's also been bugging me for a while because I just couldn't
figure out what was happening from ipfw logs et al.

>How-To-Repeat:

(see description)
One scenario where this seems to happen frequently is when you're 
running Samba and natd on the same box.

>Fix:

This simple patch makes the error message verbose enough to be useful:

--- natd.c	Sat Jan 27 19:48:30 2001
+++ /tmp/natd.c	Sat Jan 27 19:38:50 2001
@@ -586,7 +586,7 @@
 static void FlushPacketBuffer (int fd)
 {
 	int			wrote;
-	char			msgBuf[80];
+	char			msgBuf[160];
 /*
  * Put packet back for processing.
  */
@@ -616,7 +616,8 @@
 		}
 		else {
 
-			sprintf (msgBuf, "failed to write packet back");
+			sprintf (msgBuf, "failed to write packet back (%s)", 
+                                 FormatPacket((struct ip*)packetBuf));
 			Warn (msgBuf);
 		}
 	}



>Release-Note:
>Audit-Trail:

From: "Klaus A. Brunner" <k.brunner@acm.org>
To: freebsd-gnats-submit@FreeBSD.org, klaus@winf.htu.tuwien.ac.at
Cc:  
Subject: Re: bin/24683: obscure natd(8) error message
Date: Sun, 28 Jan 2001 13:01:48 +0100

 This is a multi-part message in MIME format.
 --------------C13813343533D3E74851CCCD
 Content-Type: text/plain; charset=us-ascii
 Content-Transfer-Encoding: 7bit
 
 Here's a slightly extended patch which also substitutes snprintf() for
 sprintf().
 --------------C13813343533D3E74851CCCD
 Content-Type: text/plain; charset=us-ascii;
  name="natd.newpatch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="natd.newpatch"
 
 Index: natd/natd.c
 ===================================================================
 RCS file: /home/ncvs/src/sbin/natd/natd.c,v
 retrieving revision 1.25.2.3
 diff -u -r1.25.2.3 natd.c
 --- natd/natd.c	2000/07/11 20:00:57	1.25.2.3
 +++ natd/natd.c	2001/01/28 11:57:13
 @@ -586,7 +586,7 @@
  static void FlushPacketBuffer (int fd)
  {
  	int			wrote;
 -	char			msgBuf[80];
 +	char			msgBuf[160];
  /*
   * Put packet back for processing.
   */
 @@ -616,10 +616,12 @@
  		}
  		else {
  
 -			sprintf (msgBuf, "failed to write packet back");
 +			snprintf (msgBuf, sizeof(msgBuf), 
 +                                  "failed to write packet back (%s)",
 +                                  FormatPacket((struct ip*)packetBuf);
  			Warn (msgBuf);
  		}
 -	}
 +        }
  
  	packetSock = -1;
  }
 @@ -680,7 +682,8 @@
  	switch (ip->ip_p) {
  	case IPPROTO_TCP:
  		tcphdr = (struct tcphdr*) ((char*) ip + (ip->ip_hl << 2));
 -		sprintf (buf, "[TCP] %s:%d -> %s:%d",
 +		snprintf (buf, sizeof(buf), 
 +                              "[TCP] %s:%d -> %s:%d",
  			      src,
  			      ntohs (tcphdr->th_sport),
  			      dst,
 @@ -689,7 +692,8 @@
  
  	case IPPROTO_UDP:
  		udphdr = (struct udphdr*) ((char*) ip + (ip->ip_hl << 2));
 -		sprintf (buf, "[UDP] %s:%d -> %s:%d",
 +		snprintf (buf, sizeof(buf), 
 +                              "[UDP] %s:%d -> %s:%d",
  			      src,
  			      ntohs (udphdr->uh_sport),
  			      dst,
 @@ -698,7 +702,8 @@
  
  	case IPPROTO_ICMP:
  		icmphdr = (struct icmp*) ((char*) ip + (ip->ip_hl << 2));
 -		sprintf (buf, "[ICMP] %s -> %s %u(%u)",
 +		snprintf (buf, sizeof(buf),  
 +                              "[ICMP] %s -> %s %u(%u)",
  			      src,
  			      dst,
  			      icmphdr->icmp_type,
 @@ -706,7 +711,8 @@
  		break;
  
  	default:
 -		sprintf (buf, "[%d] %s -> %s ", ip->ip_p, src, dst);
 +		snprintf (buf, sizeof(buf), "[%d] %s -> %s ", 
 +                                            ip->ip_p, src, dst);
  		break;
  	}
  
 
 --------------C13813343533D3E74851CCCD--
 
 
State-Changed-From-To: open->closed 
State-Changed-By: ru 
State-Changed-When: Tue Feb 27 00:36:03 PST 2001 
State-Changed-Why:  
natd(8) shows the packet's details if run in verbose mode: 

Out [TCP]  [TCP] 194.220.45.115:49328 -> 212.110.128.68:21 aliased to 
[TCP] 194.220.45.115:41926 -> 212.110.128.68:21 
natd: failed to write packet back: Permission denied 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24683 
>Unformatted:
