From nobody@FreeBSD.org  Tue Apr 26 07:52:52 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 18A7016A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Apr 2005 07:52:52 +0000 (GMT)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DF79A43D4C
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Apr 2005 07:52:51 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j3Q7qpRa021259
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 26 Apr 2005 07:52:51 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j3Q7qp8n021258;
	Tue, 26 Apr 2005 07:52:51 GMT
	(envelope-from nobody)
Message-Id: <200504260752.j3Q7qp8n021258@www.freebsd.org>
Date: Tue, 26 Apr 2005 07:52:51 GMT
From: realsight <realsight@nm.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Path MTU discovery ICMP NATD BSD 6.0 crash
X-Send-Pr-Version: www-2.3

>Number:         80354
>Category:       kern
>Synopsis:       [crash] Path MTU discovery ICMP NATD BSD 6.0 crash
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    andre
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 26 08:00:34 GMT 2005
>Closed-Date:    Sat Feb 18 16:38:55 GMT 2006
>Last-Modified:  Sat Feb 18 16:38:55 GMT 2006
>Originator:     realsight
>Release:        free BSD 6.0
>Organization:
>Environment:
kernel custom FreeBSD 6.0 
custom kernel options are:
IPFIREWALL
DUMMYNET
IPDIVERT

>Description:
after sending serval icmp malfromed packets related to Path MTU discovery
attack freebsd crashes due the fact of consuming large amounts of cpu and
memory resources, tested as an throughput of NATD 

related infos:
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html

da
cu

>How-To-Repeat:
      
>Fix:
      
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->andre 
Responsible-Changed-By: andre 
Responsible-Changed-When: Mon Aug 22 12:24:10 GMT 2005 
Responsible-Changed-Why:  
realsight, 

do you have a backtrace or the program to generate these malformed 
packets? 

--  
Andre 


http://www.freebsd.org/cgi/query-pr.cgi?pr=80354 
State-Changed-From-To: open->suspended 
State-Changed-By: andre 
State-Changed-When: Wed Sep 14 15:08:52 GMT 2005 
State-Changed-Why:  
Submitter did not respond to questions for more details.  Could not 
reproduce issue. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=80354 
State-Changed-From-To: suspended->closed 
State-Changed-By: andre 
State-Changed-When: Sat Feb 18 16:38:16 UTC 2006 
State-Changed-Why:  
Submittor never gave more detailed information.  Unable to reproduce 
issue. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=80354 
>Unformatted:
