lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1284745887.2235.7.camel@edumazet-laptop>
Date:	Fri, 17 Sep 2010 19:51:27 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Nicola Padovano <nicola.padovano@...il.com>
Cc:	AIJAZ BAIG <aijazbaig1@...il.com>,
	netfilter-devel <netfilter-devel@...r.kernel.org>,
	netdev@...r.kernel.org
Subject: Re: problem with flowi structure

Dont top post, please.

Le vendredi 17 septembre 2010 à 19:05 +0200, Nicola Padovano a écrit :
> ok man :)
> the last question is about  fl.nl_u.ip4_u.saddr = 0...
> is it a kind of "jolly" selector of the source address?
> i.e. if we have a simplified cache route
> 
> SOURCE IP    DEST IP    NEXT HOP
> ips1                  google         nexthop1
> ips2                  google         nexthop2
> 
> with
> ...saddr = 0
> ....daddr = google
> ....tos =....
> i get nexthop1 or nexthop2. right?


Not "or" but exactly one.

If you have say 65534 ip addresses on your host (a full /16 network)

192.168.X.Y

If you want to send a frame from 182.168.1.2 to google, for sure the
route you are going to use is :

192.168.1.2  ->  google


If you want to send a frame from 182.168.10.20 to google, for sure the
route you are going to use is :

192.168.10.20  ->  google

and not the 192.168.1.2 -> google

if you say now :

Send a packet to google, please, I dont care of what source address you
chose, but I am interested to receive an answer, of course. (application
does not use bind() system call, only a send())

Then we look at the routing table given all the keys (for example, the
socket FWMARK or TOS value), and choose the primary address of the
network device the routes takes to join google.



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ