Description:
Change tcprewrite to add a option flag fixhdrlen to enable (default disable) modifying packet header length.
Only modify packet header length when flag fixhdrlen is used.
Explanation:
The tcprewrite program modifies packet length in an unexpected and (sometimes) undesireable manner.
Due to the change introduced in ver 4.4.1, packet header length is rewritten in certain cases, due to packet padding.
This behavior is different from 4.4.0 and prior, and needs to be guarded by a flag.
The tcprewrite program modifies packet length in an undesireable manner.
The result is an incorrect checksum, and packets may be discarded by some systems due to the incorrect checksum.
Solution is to add a flag, ``,
Solution is to add an option flag fixhdrlen, to enable change introduced in version 4.4.1
resolves issue #844 by avoiding undesired packet header length modification
resolves issue #703 by enabling modification to packet header length
Describe the bug
TCP rewrite produces an incorrect IP and TCP checksum for certain pcap files.
TCP rewrite appears to change packet length incorrectly, and thus produces an invalid checksum;
certain downstream processing may treat said incorrect checksum as a spoofing attempt and discard packet.
Expected behavior:
TCP rewrite should only change packet length when that behavior is specifically desired (command line option?).
TCP rewrite should correctly calculate IP and TCP checksum (incorrect because length incorrect).
Description: Change
tcprewrite
to add a option flagfixhdrlen
to enable (default disable) modifying packet header length. Only modify packet header length when flagfixhdrlen
is used.Explanation: The
tcprewrite
program modifies packet length in an unexpected and (sometimes) undesireable manner.Due to the change introduced in ver 4.4.1, packet header length is rewritten in certain cases, due to packet padding. This behavior is different from 4.4.0 and prior, and needs to be guarded by a flag.
The tcprewrite program modifies packet length in an undesireable manner. The result is an incorrect checksum, and packets may be discarded by some systems due to the incorrect checksum.
Solution is to add a flag, ``,
Solution is to add an option flag
fixhdrlen
, to enable change introduced in version 4.4.1Describe the bug TCP rewrite produces an incorrect IP and TCP checksum for certain pcap files. TCP rewrite appears to change packet length incorrectly, and thus produces an invalid checksum; certain downstream processing may treat said incorrect checksum as a spoofing attempt and discard packet.
Expected behavior: TCP rewrite should only change packet length when that behavior is specifically desired (command line option?). TCP rewrite should correctly calculate IP and TCP checksum (incorrect because length incorrect).
Reference:
To Reproduce
Steps to reproduce the behavior:
Packet Captures
Packet Captures to Reproduce:
tcprewrite-pcaps.zip
Examine packets
Use Wireshark to examine and compare both packets.
Screenshots N/A - use Wireshark to view packets
System (please complete the following information):
Linux hostname 5.15.0-71-generic #78-Ubuntu SMP datetime x86_64 x86_64 x86_64 GNU/Linux
Additional context The erroneous checksum is due to the changed length. The problem results in dropped packet.