UNCLEAN match broken in 2.4.6?

Joseph Fannin jhf@rivenstone.net
Thu, 5 Jul 2001 15:49:28 -0400 

On Thu, Jul 05, 2001 at 10:31:04PM +1000, James Morris wrote:
> On Thu, 5 Jul 2001, Joseph Fannin wrote:
> 
> > On Thu, Jul 05, 2001 at 07:26:31PM +1000, James Morris wrote:
> > > On Thu, 5 Jul 2001, Joseph Fannin jhf@rivenstone.net wrote:
> > >
> > > > I too am seeing the problems with UNCLEAN match support in kernel
> > > > 2.4.6 that Luigi Genoni reported yesterday.
> > >
> > >
> > > Please try the patch below.
> > >
> >
> >     I'm still getting the messages / dropping packets. :-(
> >
> >     Something I realized since my last message: Both Luigi and I have
> > netfilter built in statically.  I dunno if this is uncommon or not.
> >
> 
> Hi Joseph,
> 
> Could you please send me the log messages that you get with the patch
> applied.

[jhf@ostia /tmp]$ uname -a
Linux ostia 2.4.6 #6 Thu Jul 5 05:55:01 EDT 2001 i486 unknown

Jul  5 15:38:07 ostia kernel: NET: 2 messages suppressed.
Jul  5 15:38:07 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:07 ostia kernel: unclean: IN=eth2 OUT=eth1 SRC=192.168.1.2 DST=192.168.2.1 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=60012 DF PROTO=TCP SPT=2154 DPT=143 WINDOW=63328 RES=0x00 ACK PSH URGP=0 
Jul  5 15:38:07 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:08 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:08 ostia kernel: unclean: IN=eth2 OUT=eth1 SRC=192.168.1.2 DST=192.168.2.1 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=60013 DF PROTO=TCP SPT=2154 DPT=143 WINDOW=63328 RES=0x00 ACK PSH URGP=0 
Jul  5 15:38:08 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:08 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:08 ostia kernel: unclean: IN=eth2 OUT=eth1 SRC=192.168.1.2 DST=192.168.2.1 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=60014 DF PROTO=TCP SPT=2154 DPT=143 WINDOW=63328 RES=0x00 ACK PSH URGP=0 
Jul  5 15:38:08 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:11 ostia last message repeated 4 times
Jul  5 15:38:13 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:38:21 ostia kernel: NET: 21 messages suppressed.
Jul  5 15:38:21 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:38:34 ostia kernel: NET: 71 messages suppressed.
Jul  5 15:38:34 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:38:34 ostia last message repeated 2 times
Jul  5 15:38:58 ostia kernel: NET: 9 messages suppressed.
Jul  5 15:38:58 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:38:58 ostia last message repeated 4 times
Jul  5 15:39:36 ostia kernel: NET: 7 messages suppressed.
Jul  5 15:39:36 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:39:36 ostia kernel: unclean: IN=eth1 OUT=eth0 SRC=192.168.2.1 DST=216.32.174.27 LEN=56 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=25 DPT=54815 WINDOW=5792 RES=0x00 ACK SYN URGP=0 
Jul  5 15:39:36 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:39:38 ostia kernel: ipt_unclean: TCP option 4 at 26 too long
Jul  5 15:39:38 ostia last message repeated 3 times
Jul  5 15:39:39 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:39:39 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:39:44 ostia kernel: NET: 6 messages suppressed.
Jul  5 15:39:44 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:39:52 ostia kernel: NET: 17 messages suppressed.
Jul  5 15:39:52 ostia kernel: ipt_unclean: TCP option 8 at 22 too long
Jul  5 15:39:55 ostia kernel: NET: 1 messages suppressed.
Jul  5 15:39:55 ostia kernel: ipt_unclean: TCP option 8 at 26 too long
Jul  5 15:40:00 ostia CROND[2447]: (root) CMD (   /sbin/rmmod -as) 
Jul  5 15:40:02 ostia kernel: NET: 7 messages suppressed.
Jul  5 15:40:02 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:40:02 ostia kernel: unclean: IN= OUT=eth1 SRC=192.168.2.2 DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=TCP SPT=1098 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0 
Jul  5 15:40:05 ostia kernel: NET: 1 messages suppressed.
Jul  5 15:40:05 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:40:05 ostia kernel: unclean: IN= OUT=eth1 SRC=192.168.2.2 DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=TCP SPT=1098 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0 
Jul  5 15:40:11 ostia kernel: NET: 1 messages suppressed.
Jul  5 15:40:11 ostia kernel: ipt_unclean: TCP option 3 at 37 too long
Jul  5 15:40:11 ostia kernel: unclean: IN= OUT=eth1 SRC=192.168.2.2 DST=192.168.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=TCP SPT=1098 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0 

--
Joseph Fannin
jhf@rivenstone.net

"Bull in pure form is rare; there is usually some contamination by data."
    -- William Graves Perry Jr.