Hi, this diff adds a sysctl to disable kernel icmp echo processing and pass it to userland via raw sockets. I'm terrible with names but I chose userecho, so net.inet.icmp.userecho.
I did some basic tests and it seems to work ok. I kinda need this to tunnel ip over icmp echo. Index: netinet/icmp_var.h =================================================================== RCS file: /cvs/src/sys/netinet/icmp_var.h,v retrieving revision 1.13 diff -d -u -p -w -r1.13 icmp_var.h --- netinet/icmp_var.h 13 Dec 2007 20:00:53 -0000 1.13 +++ netinet/icmp_var.h 15 Jul 2011 22:47:17 -0000 @@ -65,7 +65,8 @@ struct icmpstat { #define ICMPCTL_REDIRTIMEOUT 5 /* Remove routes added via redirects */ #define ICMPCTL_TSTAMPREPL 6 /* allow replies to timestamp requests */ #define ICMPCTL_STATS 7 /* ICMP statistics */ -#define ICMPCTL_MAXID 8 +#define ICMPCTL_USERECHO 8 /* ICMP echo requests in raw sockets */ +#define ICMPCTL_MAXID 9 #define ICMPCTL_NAMES { \ { 0, 0 }, \ @@ -75,7 +76,8 @@ struct icmpstat { { "rediraccept", CTLTYPE_INT }, \ { "redirtimeout", CTLTYPE_INT }, \ { "tstamprepl", CTLTYPE_INT }, \ - { "stats", CTLTYPE_STRUCT } \ + { "stats", CTLTYPE_STRUCT }, \ + { "userecho", CTLTYPE_INT } \ } #define ICMPCTL_VARS { \ @@ -86,7 +88,8 @@ struct icmpstat { &icmp_rediraccept, \ NULL, \ &icmptstamprepl, \ - NULL \ + NULL, \ + &icmpuserecho, \ } #ifdef _KERNEL Index: netinet/ip_icmp.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_icmp.c,v retrieving revision 1.94 diff -d -u -p -w -r1.94 ip_icmp.c --- netinet/ip_icmp.c 6 Jul 2011 01:57:37 -0000 1.94 +++ netinet/ip_icmp.c 15 Jul 2011 22:47:17 -0000 @@ -106,6 +106,7 @@ */ int icmpmaskrepl = 0; +int icmpuserecho = 0; int icmpbmcastecho = 0; int icmptstamprepl = 1; #ifdef ICMPPRINTFS @@ -482,6 +483,8 @@ icmp_input(struct mbuf *m, ...) break; case ICMP_ECHO: + if (icmpuserecho) + goto raw; if (!icmpbmcastecho && (m->m_flags & (M_MCAST | M_BCAST)) != 0) { icmpstat.icps_bmcastecho++;