From isolis@miramar.cse.ucsc.edu  Tue Mar 25 22:03:38 2003
Return-Path: <isolis@miramar.cse.ucsc.edu>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2D0DB37B401
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 25 Mar 2003 22:03:38 -0800 (PST)
Received: from miramar.cse.ucsc.edu (miramar.cse.ucsc.edu [128.114.63.92])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9F6BE43F85
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 25 Mar 2003 22:03:37 -0800 (PST)
	(envelope-from isolis@miramar.cse.ucsc.edu)
Received: from miramar.cse.ucsc.edu (localhost.cse.ucsc.edu [127.0.0.1])
	by miramar.cse.ucsc.edu (8.12.8/8.12.5) with ESMTP id h2Q6DdGk049972;
	Tue, 25 Mar 2003 22:13:39 -0800 (PST)
	(envelope-from isolis@miramar.cse.ucsc.edu)
Received: (from isolis@localhost)
	by miramar.cse.ucsc.edu (8.12.8/8.12.6/Submit) id h2Q6Dcg7049971;
	Tue, 25 Mar 2003 22:13:38 -0800 (PST)
Message-Id: <200303260613.h2Q6Dcg7049971@miramar.cse.ucsc.edu>
Date: Tue, 25 Mar 2003 22:13:38 -0800 (PST)
From: Ignacio Solis <isolis@igso.net>
Reply-To: Ignacio Solis <isolis@igso.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: Ignacio Solis <isolis@igso.net>
Subject: natd / libalias fix to allow dcc resume in irc
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         50310
>Category:       kern
>Synopsis:       [libalias] [patch] natd / libalias fix to allow dcc resume in irc
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 25 22:10:12 PST 2003
>Closed-Date:    
>Last-Modified:  Wed Nov 15 19:26:21 GMT 2006
>Originator:     Ignacio Solis
>Release:        FreeBSD 5.0-RELEASE i386
>Organization:
UC Santa Cruz, California, US
>Environment:
System: FreeBSD imperial.casa.igso.net 5.0-RELEASE FreeBSD 5.0-RELEASE #5: Tue
Jan 28 23:31:36 PST 2003 isolis@imperial.casa.igso.net:/usr/obj/usr/src/sys/IMPERIAL i386
        Machine running natd as router/firewall, clients trying to do DCC RESUME while downloading files from irc

>Description:

	The current implementation of libalias has a simple way of doing NAT
for irc connections. It assumes that DCC messages all have the same format,
namely "DCC command file ip port .... etc". The RESUME command has a different
structure, and hence the simple assumptions of libalias make RESUME fail,
sending out erroneously translated messages. The format of RESUME is: "DCC
RESUME port size", where port is the port of the sender of the file (where we
connect), hence no translation is necesary.  The problem can be clearly seen
with 2 tcpdumps (with packet contents) at the sides of the nat box.

>How-To-Repeat:

Enable natd on the firewall/router. Have a client connect to IRC. Download a
piece of a file. Now try to download the rest of the file with a RESUME.

>Fix:

        This is a simple fix that just passes the packet through if it sees
it's a RESUME command.

--- libalias_dcc_resume.diff begins here ---
--- alias_irc.c.backup  Tue Mar 25 01:28:12 2003
+++ alias_irc.c Tue Mar 25 02:39:39 2003
@@ -140,6 +140,20 @@
                         }
                 }

+
+                if( sptr[i+0] == 'R' &&
+                    sptr[i+1] == 'E' &&
+                    sptr[i+2] == 'S' &&
+                    sptr[i+3] == 'U' &&
+                    sptr[i+4] == 'M' &&
+                    sptr[i+5] == 'E' &&
+                    sptr[i+6] == ' '){
+                        /* It's a resume packet, let it through, lBAD_CTCP
+                         * will copy the rest of the packet */
+                        DBprintf(("RESUME command...\n"));
+                        goto lBAD_CTCP;
+                }
+
                 DBprintf(("Transferring command...\n"));
                 while(sptr[i] != ' ') {
                         newpacket[iCopy++] = sptr[i];
--- libalias_dcc_resume.diff ends here ---
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->ru 
Responsible-Changed-By: ru 
Responsible-Changed-When: Sat Apr 5 01:10:21 PST 2003 
Responsible-Changed-Why:  
Over to a maintainer for review. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50310 

From: Rezzo <rezzo@ngi.it>
To: freebsd-gnats-submit@FreeBSD.org, isolis@igso.net
Cc:  
Subject: Re: bin/50310: natd / libalias fix to allow dcc resume in irc
Date: Wed, 25 Jun 2003 23:56:41 +0200

 I have a FreeBSD 4.7 machine. To fix the DCC Resume problem I had to
 apply the patch slightly modified.
 
 I'm running ppp with -nat option. Xchat wasn't even replying to the
 DCC RESUME request from remote clients, so I had to use this nat
 option in ppp.conf:
 
     nat port tcp 0:1024-5000 1024-5000
 
 To have a 1:1 port correspondence for the common port-range setting of
 mIRC clients. Of course I have also set the same range of ports in my
 xchat client, which were so able to do a correct lookup in that port
 range during the DCC Resume negotiation.
 
 But at this point resume wasn't starting anyway because the CTCP DCC
 ACCEPT packet was sent (raw logs confirmed this) but appartently without
 effect on remote clients, so this patch seemed the solution.
 
 But the patch didn't solve the problem. I had to change it to let
 through the nat not the 'RESUME' packet but the 'ACCEPT' one.
 
 -Rezzo
 
 
 --- libalias_dcc_resume.diff begins here ---
 --- alias_irc.c.backup  Wed Jun 25 12:32:45 2003
 +++ alias_irc.c Wed Jun 25 23:29:10 2003
 @@ -140,6 +140,20 @@
                          }
                  }
 
 +
 +                if( sptr[i+0] == 'A' &&
 +                    sptr[i+1] == 'C' &&
 +                    sptr[i+2] == 'C' &&
 +                    sptr[i+3] == 'E' &&
 +                    sptr[i+4] == 'P' &&
 +                    sptr[i+5] == 'T' &&
 +                    sptr[i+6] == ' '){
 +                        /* It's an accept packet, let it through, lBAD_CTCP
 +                         * will copy the rest of the packet */
 +                        DBprintf(("RESUME command...\n"));
 +                        goto lBAD_CTCP;
 +                }
 +
                  DBprintf(("Transferring command...\n"));
                  while(sptr[i] != ' ') {
                          newpacket[iCopy++] = sptr[i];
 --- libalias_dcc_resume.diff ends here ---
 
 

From: Serge van den Boom <svdb@stack.nl>
To: freebsd-gnats-submit@FreeBSD.org, ru@FreeBSD.org, isolis@igso.net
Cc:  
Subject: Re: bin/50310: natd / libalias fix to allow dcc resume in irc
Date: Wed, 14 Apr 2004 06:00:58 +0200 (CEST)

 I can confirm the problem of the original reporter (Ignacio Solis).
 I independantly reached the same conclusion: natd is rewriting the
 DCC RESUME command, while it shouldn't.
 
 I think it's important that this problem is fixed shortly, since a lot of
 time can be wasted in tracing the problem of dcc resume not working to
 natd, and most people won't even be determined enough to do so.
 
 The original reporter's patch works, but an extra bounds check seems
 appropriate:
 	if( i+7 >= dlen )        /* Too short for RESUME */
 		goto lBAD_CTCP;
 
 As for the followup from Rezzo, I don't quite understand what he is doing,
 but if his problem is a bug at all, and not a mis-configuration on his part,
 it seems to be a different bug.
 
 
Responsible-Changed-From-To: ru->freebsd-bugs 
Responsible-Changed-By: ru 
Responsible-Changed-When: Fri Apr 16 23:18:17 PDT 2004 
Responsible-Changed-Why:  
ENOTIME. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50310 
>Unformatted:
