1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
|
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.\" Copyright (c) 2024 Igor Ostapenko <pm@igoro.pro>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" Note: The date here should be updated whenever a non-trivial
.\" change is made to the manual page.
.Dd January 6, 2025
.Dt DUMMYMBUF 4
.Os
.Sh NAME
.Nm dummymbuf
.Nd "mbuf alteration pfil hooks"
.Sh SYNOPSIS
To compile the driver into the kernel,
place the following line in the
kernel configuration file:
.Bd -ragged -offset indent
.Cd "device dummymbuf"
.Ed
.Pp
Alternatively, to load the driver as a
module at boot time, place the following line in
.Xr loader.conf 5 :
.Bd -literal -offset indent
dummymbuf_load="YES"
.Ed
.Sh DESCRIPTION
This module is intended to test networking code in the face of unusual mbuf
layouts.
The special
.Xr pfil 9
hooks are provided for mbuf alteration and can be listed with
.Xr pfilctl 8
as follows:
.Bd -literal -offset indent
Hook Type
dummymbuf:ethernet Ethernet
dummymbuf:inet6 IPv6
dummymbuf:inet IPv4
.Ed
.Pp
To activate a hook it must be linked to the respective
.Xr pfil 9
head.
.Xr pfilctl 8
can be used for the linking.
.Pp
Each time a hook is invoked it reads a single shared set of
.Sx RULES
from
.Va net.dummymbuf.rules
sysctl.
The rules are evaluated sequentially and each matching rule performs the
specified operation over the mbuf.
.Pp
After every successfully applied operation the
.Va net.dummymbuf.hits
sysctl counter is increased.
.Pp
A hook returns an altered mbuf for further processing, but it drops a packet
if rules parsing or an operation fails.
Also, the first mbuf of the original chain may be changed.
.Pp
The module is
.Xr VNET 9
based, hence every
.Xr jail 2
provides its own set of hooks and sysctl variables.
.Sh RULES
The set of rules is a semicolon separated list.
An empty string is treated as a parsing failure.
A rule conceptually has two parts, filter and operation, with the following
syntax:
.Bd -literal -offset indent
{inet | inet6 | ethernet} {in | out} <ifname> <opname>[ <opargs>];
.Ed
.Ss Filter
The first word of a rule matches
.Xr pfil 9
type.
The second matches packet's direction, and the third matches the network
interface a packet is coming from.
.Ss Operation
An operation may have arguments separated from its name by space.
The available operations are:
.Bl -tag -width indent
.It pull-head <number-of-bytes>
Unconditionally creates a brand new cluster-based mbuf and links it to be the
first mbuf of the original mbuf chain, with respective packet header moving.
After, the given number of bytes are pulled from the original mbuf chain.
.Pp
If it is asked to pull 0 bytes then the first mbuf of the resulting chain will
be left empty.
Asking to pull more than
.Dv MCLBYTES
is treated as an operation failure.
If a mbuf chain has less data than asked then the entire packet is pulled with
tail mbuf(s) left empty.
.Pp
As a result, only the layout of a mbuf chain is altered, its content logically
is left intact.
.It enlarge <number-of-bytes>
Unconditionally replace the mbuf with an mbuf of the specified size.
.El
.Sh SYSCTL VARIABLES
The following variables are available:
.Bl -tag -width indent
.It Va net.dummymbuf.rules
A string representing a single set of
.Sx RULES
shared among all
.Nm
hooks.
.It Va net.dummymbuf.hits
Number of times a rule has been applied.
It is reset to zero upon writing.
.El
.Sh EXAMPLES
As it was intended,
.Nm
can be found useful for firewall testing.
A mbuf chain could be altered before it hits a firewall to test that the latter
can handle a case respectively.
Thus, it is important to have correct sequence of hooks.
A test case should prepare and enable a firewall first to get its hooks linked.
After, the
.Xr pfilctl 8
should be used to link
.Nm
hook(s) to put them in front of a firewall.
.Pp
The following links
.Va dummymbuf:inet6
hook for inbound and puts it in front of other hooks:
.Bd -literal -offset indent
pfilctl link -i dummymbuf:inet6 inet6
.Ed
.Pp
And this does the same for outbound:
.Bd -literal -offset indent
pfilctl link -o -a dummymbuf:inet6 inet6
.Ed
.Pp
For instance, we want to test a scenario in which the very first mbuf in a
chain has zero m_len, to verify that a firewall can correctly read the
packet data despite that.
The following set of rules does it for inbound and outbound:
.Bd -literal -offset indent
sysctl net.dummymbuf.rules="inet6 in em0 pull-head 0; inet6 out em0 pull-head 0;"
.Ed
.Pp
It is encouraged to verify
.Va net.dummymbuf.hits
sysctl counter along with other test assertions to make sure that
.Nm
really does its work and there is no false positive due to misconfiguration.
It is a good idea to reset it before the action:
.Bd -literal -offset indent
sysctl net.dummymbuf.hits=0
.Ed
.Pp
It is equally important to cleanup the things after the test case:
.Bd -literal -offset indent
pfilctl unlink -i dummymbuf:inet6 inet6
pfilctl unlink -o dummymbuf:inet6 inet6
sysctl net.dummymbuf.rules=""
.Ed
.Pp
If a test case operates within a temporary vnet then explicit cleanup can be
omitted, the
.Nm
facilities will vanish along with its vnet instance.
.Sh DIAGNOSTICS
.Bl -diag
.It "dummymbuf: <filter match>: rule parsing failed: <the rule in question>"
If everything looks fine then extra spaces removal may help due to the parser
is kept very simple.
.It "dummymbuf: <filter match>: mbuf operation failed: <the rule in question>"
Incorrect operation argument has been found, mbuf allocation has failed, etc.
.El
.Sh SEE ALSO
.Xr jail 2 ,
.Xr pfilctl 8 ,
.Xr mbuf 9 ,
.Xr pfil 9 ,
.Xr VNET 9
.Sh AUTHORS
The module and this manual page were written by
.An Igor Ostapenko Aq Mt pm@igoro.pro .
|
