| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.2.00.1105270814360.1520@ja.ssi.bg> Date: Fri, 27 May 2011 08:27:23 +0300 (EEST) From: Julian Anastasov <ja@....bg> To: Victor Mataré <matare@....rwth-aachen.de> cc: David Miller <davem@...emloft.net>, akpm@...ux-foundation.org, netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org, bugme-daemon@...zilla.kernel.org Subject: Re: [Bugme-new] [Bug 35862] New: arp requests from wrong src IP Hello, On Thu, 26 May 2011, Victor Mataré wrote: > Examining the host which now has 137.226.164.2 (used to have 137.226.164.13): > > # ip addr show dev eth0 > 4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 > link/ether 00:e0:81:41:1f:e4 brd ff:ff:ff:ff:ff:ff > inet 137.226.164.2/24 brd 137.226.164.255 scope global eth0 > inet 192.168.23.2/24 brd 137.226.164.255 scope global eth0:0 > [...] > > Sorry, got confused with all the swapping. I'm *not* keeping the old address around, it's completely *gone*, from both ifconfig and ip. But still it's being used as arp src address. That's what this bug is about. Sorry for the confusion. It looks strange. Can you confirm the following things: - the kernel version - the order of 'ip' command used to add and change IPs on this box - output of 'ip route list table local' after IPs are changed and before starting arping - output of 'strace arping', I assume it is using getsockname after UDP connect - any reason to use broadcast 137.226.164.255 for all addresses? Regards -- Julian Anastasov <ja@....bg>
Powered by blists - more mailing lists