lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 01 Jun 2007 15:36:27 +1000
From:	Mick McCreath <>
Subject: raw sockets ignore IP_HDRINCL data


I have a multi-homed system like this:

eth1: GW:
eth2: GW:

route ouput snippet is:

default UG 3 0 0 eth2
default UG 4 0 0 eth1
default UG 4 0 0 eth2

When I run traceroute -i eth1, the UDP packets are routed out

Has anybody seen this behaviour with traceroute??

I have done some debugging, and believe this to be an ipv4 kernel bug.
My research came up with the following:

By the traceroute source code, it uses raw sockets and relies on
IP_HDRINCL (which is defined in the kernel source <netinet/in.h>) to
select the routing interface and does not bind the socket to the source
IP address.

I hacked the traceroute source code to do a bind if the -i option is used,
and the correct GW is used.

I am using a 2.4.29 kernel and have traced through the kernel and
in .../net/ipv4/raw.c, raw_sendmsg() does not read the data to get the
IP header and the source address, which then results in a source
address and hence the routing, ip_route_output(), pulls the default
gateway with the lowest metric, in this case eth2.

I have also used a 2.6.21 kernel and similiar behaviour happens. The
2.6.21 kernel source code does not read the IP header from the data

Am I reading/interpreting the source code correctly?

Any other suggestions/more information would be great.



Mick McCreath
Sr Engineer

Secure Computing®
your trusted source for enterprise security™

61 7 3435 2803 (Direct Phone)

Secure Computing Corporation
825 Stanley Street
Queensland 4102

The information contained in this email message may be privileged,
confidential and protected from disclosure. If you are not the intended
recipient, any review, dissemination, distribution or copying is
strictly prohibited. If you have received this email message in error,
please notify the sender by reply email and delete the message and any

To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists