On input ICMP handler is updating tcp_hostcache with the PMTU value.
On output calculate MTU based on the route/interface and hostcache.
Details
Details
Diff Detail
Diff Detail
- Repository
- rG FreeBSD src repository
- Lint
Lint Skipped - Unit
Tests Skipped
Event Timeline
Comment Actions
SCTP and TCP do a similar handling, but only after performing some checks (port numbers and vtag in case of SCTP, port numbers and sequence number in case of TCP) to make it non-trivial for an off-path attacker to generate an ICMP message, which will be accepted and the corresponding MTU will be cached.
How is such an check done in this context?
Comment Actions
Good point. I removed all *input processing and left only *output check, which might be worth to have it in one place as we don't update mtu here anyway. Also pushed some changes to UDP ctlinput to match https://reviews.freebsd.org/D30992