lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 11 Jun 2013 11:14:04 -0700
From:	Rick Jones <rick.jones2@...com>
To:	Jeff Haran <Jeff.Haran@...rix.com>
CC:	Pablo Neira Ayuso <pablo@...filter.org>,
	David Laight <David.Laight@...LAB.COM>,
	Phil Oester <kernel@...uxace.com>,
	"netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>,
	"davem@...emloft.net" <davem@...emloft.net>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: [PATCH 3/5] netfilter: xt_TCPMSS: Fix violation of RFC879 in
 absence of MSS option

> There is likely no "right" answer for this issue, but for what it's
> worth I can report a somewhat related experience I had a few years
> ago when updating my PC at home with a new Suse distro. The machine
> had been running previous versions of Suse with my Comcast cable
> internet service just fine for several years. I downloaded the ISO
> from opensuse, burned the DVD, did the install but when it came back
> up again the internet service was quite unreliable. It would work for
> a few minutes, but then no packets would flow. I happened to run
> ifconfig eth0 and it showed an MTU of 576. It seems the version of
> the DHCP client that came with the new distro honored the DHCP MTU
> option, but Comcast was advertising DHCP offers with an MTU of 576.

Presumably then, your system rejected any incoming packet which was 
larger than the 576 byte MTU it got from the Comcast DHCP server..

I can think of two reasons for larger packets to be arriving at your 
system then:

1) UDP

2) Broken TCPs ass-u-me-ing a TCP MSS larger than 536 bytes when there 
wasn't an MSS option in the SYN(s).

Did your SuSE system send actual TCP MSS options based on the 576 byte MTU?


rick jones
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ