lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <8CB45E27B3643B3-2F30-917@webmail-stg-d07.sysops.aol.com>
Date:	Fri, 16 Jan 2009 06:12:40 -0500
From:	jpo234@...scape.net
To:	remi.denis-courmont@...ia.com
Cc:	netdev@...r.kernel.org
Subject: Re: Sending complete IPv6 packets without bypassing netfilter/IPsec

Rémi,
sorry, but a transport-layer raw socket is something I'd like to avoid. 
The reason is, that I get the ready made packets from a tun device. 
This means I can't make assumptions about the protocol value. Using 
transport-layer raw sockets would mean that I had to open a new socket 
for every packet I'm forwarding (yeah, I would cache them). This was 
the way I had decided upon before Herbert's hint, but I think you 
understand why I'd rather not go this way.

Regards
  Joerg

-----Original Message-----
From: Rémi Denis-Courmont <remi.denis-courmont@...ia.com>
To: ext jpo234@...scape.net <jpo234@...scape.net>
Cc: herbert@...dor.apana.org.au; netdev@...r.kernel.org
Sent: Fri, 16 Jan 2009 11:56 am
Subject: Re: Sending complete IPv6 packets without bypassing 
netfilter/IPsec

On Friday 16 January 2009 12:46:30 ext jpo234@...scape.net, you wrote:
> Herbert,
> sorry for bothering you (and everybody else on the list) again. It
> seems that the stack does not replace a "::" source address with a 
real
> one when using a PF_INET6/SOCK_RAW/IPPROTO_RAW socket the way it does
> with an IP_HDRINCL IPv4 socket for "0.0.0.0". Do I have to fill this
> one myself

Yes. That's the _whole_ point of writing the header yourself.

> or is there another trick to achieve this?

Use transport-layer raw sockets and let the kernel do the network 
header.

--
Rémi Denis-Courmont
Maemo Software, Nokia Devices R&D






--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ