Snort mailing list archives

Previous By Date Next
Previous By Thread Next

[PATCH] DAQ IPFW module packet injection fix

From: Lawrence Teo <lteo () lteo net>
Date: Tue, 26 Feb 2013 00:00:34 -0500
Hello Snort dev team,

I would like to report a bug in the DAQ IPFW module and contribute a
patch that fixes it.

In DAQ 2.0.0, the ipfw_daq_inject() function in daq_ipfw.c currently
ignores the buf and len arguments that are passed to it, and instead
calls ipfw_daq_forward() with impl->buf and hdr->pktlen.

This causes packet injections to fail when Snort is used with BSD's
divert sockets.  For example, when a Snort rule that is in reject mode
is triggered, the TCP resets are never sent.

The attached patch fixes this bug and allows packet injections to work
with divert sockets again.

Regards,
Lawrence

Attachment: daq_ipfw-inject-fix.diff
Description: 

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: