Message-ID: <20110209181752.GA2042@darkmag.usersys.redhat.com>
Date:	Wed, 9 Feb 2011 19:17:52 +0100
From:	Veaceslav Falico <vfalico@...hat.com>
To:	netdev@...r.kernel.org
Cc:	Stephen Hemminger <shemminger@...ux-foundation.org>,
	bridge@...ts.linux-foundation.org
Subject: mac addresses of local interfaces do not obey setageing 0

Hello,

I have a host and a VM inside this host bridged. I've set ageing_time and
forward_delay to 0 and am trying to capture all the traffic that goes through that
bridge from my VM, but it fails to capture the traffic that has dst ether
address the same as the host's address (i.e. I can't capture the traffic to the
host).

From the code, I see that br->ageing_time doesn't really work with local mac
addresses - has_expired() function never says that a local interface mac address
is expired, because it verifies if fdb->is_static is set and returns right away.

Is this the desired behaviour? If so, is there a way to capture packets with
destination to a local interface from another interface?

I've also done a small patch and it seems to fix the situation, but I am not
sure if it's the right way to do it.


Regards,
Veaceslav

---
 net/bridge/br_fdb.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index 88485cc..3d380c2 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -61,8 +61,8 @@ static inline unsigned long hold_time(const struct net_bridge *br)
 static inline int has_expired(const struct net_bridge *br,
 				  const struct net_bridge_fdb_entry *fdb)
 {
-	return !fdb->is_static &&
-		time_before_eq(fdb->ageing_timer + hold_time(br), jiffies);
+	return (br->ageing_time == 0) || (!fdb->is_static &&
+		time_before_eq(fdb->ageing_timer + hold_time(br), jiffies));
 }
 
 static inline int br_mac_hash(const unsigned char *mac)
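
Review bot: in has_expired(), the new `(br->ageing_time == 0) ||` term is tested ahead of `!fdb->is_static`, so with ageing set to 0 every entry is reported as expired, static ones included, and every caller of has_expired() sees that result, not only the path that handles frames addressed to a local interface. If the goal is only to let frames for local MAC addresses be seen on other ports, a narrower check would be safer, and has_expired() needs a comment stating what ageing_time == 0 now means for static entries. The new term also reads `br->ageing_time` directly while the existing test goes through `hold_time(br)`; use one source for both or explain why they differ. Style: the parentheses around `br->ageing_time == 0` are unnecessary, and the continuation line should align under the opening parenthesis.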