lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 1 Oct 2014 22:14:02 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Network Development <netdev@...r.kernel.org>,
	Tom Herbert <therbert@...gle.com>,
	"David S. Miller" <davem@...emloft.net>
Subject: FOU RX interface?

Hi-

Sorry for the lack of proper threading here -- I lost the original message.

If I'm understanding the FOU use case correctly, if I set up a FOU
tunnel tun0 that is encapsulated in UDP on eth0, then tun0 packets
will be transmitted on tun0, but incoming packets will show up on eth0
when they're reinjected after stripping the FOU header.

Is this right?  I think that, without a way to reinject the received
packets on the tunnel interface, using FOU will be annoying.  For
example, writing firewall rules might be tricky.  And programs that
use packet sockets or SO_BINDTODEVICE could have a hard time being
configured such that they notice the received packets.

Also, is it even possible to assign a FOU tunnel to a different
network namespace than the device that's being tunneled over?  How
will the received packets end up in the right netns?

--Andy
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ