| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Apr 2009 14:13:59 +0200 From: Patrick McHardy <kaber@...sh.net> To: Jarek Poplawski <jarkao2@...il.com> CC: Salatiel Filho <salatiel.filho@...il.com>, Jan Engelhardt <jengelh@...ozas.de>, "Y. D." <duyuyang@...il.com>, netdev <netdev@...r.kernel.org>, netfilter-devel <netfilter-devel@...r.kernel.org> Subject: Re: IMQ bug: kernel reboot immediately Jarek Poplawski wrote: > On Thu, Apr 23, 2009 at 01:46:10PM +0200, Patrick McHardy wrote: >> Jarek Poplawski wrote: >>> On Thu, Apr 23, 2009 at 01:22:19PM +0200, Patrick McHardy wrote: >>> ... >>>> Currently not, the conntrack association is done at a later point. >>>> We could add a classifier or TC action that performs the lookup >>>> during ingress classification. >>> BTW, some time ago I started to wonder how safe are those various >>> ingress activities wrt. invalid packets, dropped later in ip_rcv(). >> Leaving aside the ipt action, I'm not aware of any problems caused >> by ingress classification. Could you be more specific? > > There is nothing specific yet. I hope these other classifiers and > actions aren't mislead too much to go astray. Generally, there shouldn't be any problems specific to ingress since the classifiers have to expect all kinds of invalid packets on egress as well. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists