Add a sysctl to change to length of the quotation of the original

packet in an ICMP reply.  The minimum of 8 bytes is internally
enforced.  The maximum quotation is the remaining space in the
reply mbuf.

This option is added in response to the issues raised in I-D
draft-gont-icmp-payload-00.txt.

MFC after:	2 weeks
Spnsored by:	TCP/IP Optimizations Fundraise 2005

1 files changed, 12 insertions, 1 deletions

diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index 0cba594..265562e 100644
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -115,6 +115,11 @@ SYSCTL_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW,
 	&icmp_rfi, 0, "ICMP reply from incoming interface for "
 	"non-local packets");
 
+static int	icmp_quotelen = 8;
+SYSCTL_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
+	&icmp_quotelen, 0, "Number of bytes from original packet to "
+	"quote in ICMP reply");
+
 /*
  * ICMP broadcast echo sysctl
  */
@@ -184,7 +189,13 @@ icmp_error(n, type, code, dest, mtu)
 #ifdef MAC
 	mac_create_mbuf_netlayer(n, m);
 #endif
-	icmplen = min(oiplen + 8, oip->ip_len);
+	/*
+	 * Calculate length to quote from original packet and
+	 * prevent the ICMP mbuf from overflowing.
+	 */
+	icmplen = min(oiplen + max(8, icmp_quote), oip->ip_len);
+	icmplen = min(icmplen, M_TRAILINGSPACE(m) -
+			(ICMP_MINLEN + sizeof(struct ip)));
 	if (icmplen < sizeof(struct ip))
 		panic("icmp_error: bad length");
 	m->m_len = icmplen + ICMP_MINLEN;