| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Mar 2008 10:51:32 +0200 (EET) From: Julian Anastasov <ja@....bg> To: Herbert Xu <herbert@...dor.apana.org.au> cc: netdev@...r.kernel.org Subject: ICMP host relookup support doubts Hello, Am I missing something but it seems recent code (12 Dec 2007) in icmp_send uses fl.fl4_src for output and input routes while it can be initialized with saddr = 0 for non-local address. While this was suited for the initial output route to avoid error for non-local saddr, I suspect the relookup support uses it for additional output and input route. Isn't the end result that no ICMP error is sent after ip_route_input error for saddr=0? I assume no ICMP is generated for forwarded traffic, expect if xfrm_lookup changes fl somewhere. May be someone should fix it by replacing fl.fl4_src usage in the new code with original iph->daddr? Eg. fl2.fl4_dst and the saddr arg for ip_route_input? I don't know what is right to be done here. saddr=0 should be used only as saddr arg to output route. OTOH, sysctl_icmp_errors_use_inbound_ifaddr can change the saddr too. Regards -- Julian Anastasov <ja@....bg> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists