lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20110806180046.32a57a97@mjolnir.ossman.eu>
Date:	Sat, 6 Aug 2011 18:00:46 +0200
From:	Pierre Ossman <pierre-list@...man.eu>
To:	Malcolm Scott <linux-netdev@...c.org.uk>
Cc:	Patrick McHardy <kaber@...sh.net>,
	Pierre Ossman <drzeus-list@...eus.cx>,
	Francois Romieu <romieu@...zoreil.com>, netdev@...r.kernel.org
Subject: Re: accelerated vlan gives pcap tagged packets untagged

Reviving a really old thread.

On Fri, 24 Jul 2009 17:50:26 +0100 (BST)
Malcolm Scott <linux-netdev@...c.org.uk> wrote:

> At 18:35 yesterday, Patrick McHardy wrote:
> 
> > Malcolm Scott wrote:
> >
> >> In my case, this is manifesting as the DHCP misbehaviour which Pierre
> >> mentioned.  (ISC dhcp3d does not use libpcap, and does not query the
> >> packet socket for the VLAN tag, so it treats every VLAN's packets as for
> >> the default VLAN.)
> >
> > It needs to get the VLAN tag from the auxilliary data.
> 
> Right.  But backwards compatibility with older apps is the issue.  An app 
> which doesn't go looking for a VLAN tag in the auxiliary data -- because it 
> didn't have to do so prior to 2.6.28 -- will start seeing packets from all 
> VLANs rather than just the untagged ones.
> 
> Perhaps what's actually needed is another interface which sees _just_ the 
> untagged packets, e.g. eth0.0 (0 being a reserved VLAN ID meaning 'no VLAN', 
> i.e. equivalent to no 802.1q tag).
> 

Has any progress been made on this front? I'm running kernel 2.6.32 and
dhcpd 4.1.1 and that combination is still getting very upset by these
stray packages.

Rgds
-- 
     -- Pierre Ossman

  WARNING: This correspondence is being monitored by FRA, a
  Swedish intelligence agency. Make sure your server uses
  encryption for SMTP traffic and consider using PGP for
  end-to-end encryption.

Download attachment "signature.asc" of type "application/pgp-signature" (231 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ