lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 24 Feb 2010 14:52:20 -0800
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	netdev@...r.kernel.org
Cc:	bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org, reinaldoc@...il.com
Subject: Re: [Bugme-new] [Bug 15379] New: u32 classifier port range
 calculation error


(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Tue, 23 Feb 2010 20:56:09 GMT bugzilla-daemon@...zilla.kernel.org wrote:

> http://bugzilla.kernel.org/show_bug.cgi?id=15379
> 
>            Summary: u32 classifier port range calculation error
>            Product: Networking
>            Version: 2.5
>     Kernel Version: All (2.6.32 tested)
>           Platform: All
>         OS/Version: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: Other
>         AssignedTo: acme@...stprotocols.net
>         ReportedBy: reinaldoc@...il.com
>         Regression: No
> 
> 
> U32 classifier have a problem on mask calculation of IP port range value.
> 
> To reproduce the problem:
> 
> ##### MASK CALCULATION FOR PORT RANGE 6880->6911
> 
> echo "obase=16;(2^13)-32" | bc
> 1FE0
> 
> Example:
> 
> ###### TC SAMPLE RULES
> tc qdisc del dev eth0 root >/dev/null 2>&1
> 
> tc qdisc  add dev eth0 root handle 1: htb default 1100
> tc class  add dev eth0 root classid 1:1000 htb rate 1000Mbit ceil 1000Mbit
> tc class  add dev eth0 classid 1:1100 parent 1:1000 htb prio 0 rate 999Mbit
> ceil 999Mbit
> tc class  add dev eth0 classid 1:1200 parent 1:1000 htb prio 0 rate 1Mbit  
> ceil 1Mbit
> 
> tc filter add dev eth0 protocol ip prio 1 parent 1: u32 flowid 1:1200 match ip
> dport 6880 0x1FE0
> 
> ###### STATS CLEAN ** success 0
> tc -s filter show dev eth0
> filter parent 1: protocol ip pref 1 u32
> filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
> flowid 1:1200  (rule hit 116 success 0)
>   match 00001ae0/00001fe0 at 20 (success 0 )
> 
> ###### SENDING PACKETS I
> # nmap example.ufpa.br -p 1-10000
> 
> ###### STATS I ** success 32 (OK)
> # tc -s filter show dev eth0
> filter parent 1: protocol ip pref 1 u32
> filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
> flowid 1:1200  (rule hit 12676 success 32)
>   match 00001ae0/00001fe0 at 20 (success 32 )
> 
> ###### SENDING PACKETS II
> # nmap example.ufpa.br -p 10000-20000
> 
> ###### STATS II ** success 64 (ERROR) - should not match
> 
> # tc -s filter show dev eth0
> filter parent 1: protocol ip pref 1 u32
> filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
> flowid 1:1200  (rule hit 25172 success 64)
>   match 00001ae0/00001fe0 at 20 (success 64 )
> 
> ###### SENDING PACKETS III
> # nmap example.ufpa.br -p 20000-30000
> 
> ###### STATS III ** success 96 (ERROR) - should not match
> 
> # tc -s filter show dev eth0
> filter parent 1: protocol ip pref 1 u32
> filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
> flowid 1:1200  (rule hit 43131 success 96)
>   match 00001ae0/00001fe0 at 20 (success 96 )
> 
> ### End

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists