lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.00.1105270814360.1520@ja.ssi.bg>
Date:	Fri, 27 May 2011 08:27:23 +0300 (EEST)
From:	Julian Anastasov <ja@....bg>
To:	Victor Mataré <matare@....rwth-aachen.de>
cc:	David Miller <davem@...emloft.net>, akpm@...ux-foundation.org,
	netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org
Subject: Re: [Bugme-new] [Bug 35862] New: arp requests from wrong src IP


	Hello,

On Thu, 26 May 2011, Victor Mataré wrote:

> Examining the host which now has 137.226.164.2 (used to have 137.226.164.13):
> 
> # ip addr show dev eth0
> 4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
>      link/ether 00:e0:81:41:1f:e4 brd ff:ff:ff:ff:ff:ff
>      inet 137.226.164.2/24 brd 137.226.164.255 scope global eth0
>      inet 192.168.23.2/24 brd 137.226.164.255 scope global eth0:0
> [...]
> 
> Sorry, got confused with all the swapping. I'm *not* keeping the old address around, it's completely *gone*, from both ifconfig and ip. But still it's being used as arp src address. That's what this bug is about. Sorry for the confusion.

	It looks strange. Can you confirm the following things:

- the kernel version

- the order of 'ip' command used to add and change IPs on this box

- output of 'ip route list table local' after IPs are changed and
before starting arping

- output of 'strace arping', I assume it is using getsockname
after UDP connect

- any reason to use broadcast 137.226.164.255 for all addresses?

Regards

--
Julian Anastasov <ja@....bg>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ