Message-ID: <20091020132820.GA3159@gg.studio.tixteam.net>
Date:	Tue, 20 Oct 2009 15:28:20 +0200
From:	Guido Trotter <ultrotter@...qua.net>
To:	netdev@...r.kernel.org
Subject: Policy routing + route "via" gives a strange behavior


Hi,

I'm seeing what I think might be a strange kernel behavior when setting up a
route "via" a gateway, with policy routing. When adding a route with a gateway,
the kernel accepts it only if the gateway is reachable via that device. For
example:

ip route add default dev eth1 via 192.168.5.254

is only accepted if there is a route like:
192.168.5.0/24 dev eth1 scope link

in the main routing table, which, of course, is ok, otherwise the kernel
wouldn't be able to reach 192.168.5.254 in the first place.

Now, when adding policy routing to the mix, if I do:
ip route add table 100 default dev eth1 via 192.168.5.254

This is also refused unless a route like the one before appears in the default
table, even though it does appear in table 100. Is this the right behavior, and
if yes, why? It seems to me that it should be acceptable to have the network
route as well just in the separate routing table, since the "via" will only be
used by traffic hitting that table anyway.

Thanks a lot,

Guido
