lists.openwall.net - Open Source and information security mailing list archives
Message-ID: <8D5E459AD91A394F9610088F8AFFAB481FA547F04C@exchange>
Date:	Wed, 23 Feb 2011 12:56:21 +0200
From:	Haim Daniel <Haim.Daniel@...and.com>
To:	"'netdev@...r.kernel.org'" <netdev@...r.kernel.org>
Subject: FW: tproxy + bridge - possible redundant skb_orphan call?

Hi,
I use 2.6.34 on a transparent PEP:

A daemon listening to port 50800 on PEP is set.
The following transparent proxy rule is set for PEP:
iptables -t mangle -A PREROUTING  -p tcp --dport 666 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 50800

In case of bridging: 
	the mangle PREROUTING is hooked from ebtables _before_ ip_rcv().
	the skb hits the TPROXY rule.
	nf_tproxy_assign_sock() sets skb->sk to local listen socket on port 50800.

However, ip_rcv() is invoked later and orphans the skb. skb->sk is nulled => this prevents the
skb from reaching the local socket.

When the call to skb_orphan(skb) in ip_rcv() is removed, the skb reaches the local sk - ok.

In other cases, when bridging is not involved, ip_rcv() is called before mangle PREROUTING, hence the skb
reaches the TPROXY target and is orphaned before skb->sk is set in nf_tproxy_assign_sock().

I don't understand what the purpose of the skb_orphan(skb) call in ip_rcv() is.
The comment above it states that it's related to tproxy:

/* Must drop socket now because of tproxy. */
skb_orphan(skb);

but since nf_tproxy_assign_sock() orphans the skb, it looks like
the skb_orphan() call in ip_rcv() is redundant?

appreciate your response,

best regards,

--haim d.
--eyal g.