lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <553F15AC.3080606@ionic.de>
Date:	Tue, 28 Apr 2015 07:07:56 +0200
From:	Mihai Moldovan <ionic@...ic.de>
To:	Vadim Kochan <vadim4j@...il.com>
CC:	netdev@...r.kernel.org, Bernard Cafarelli <voyageur@...too.org>
Subject: Re: iproute2 regression -- ss -u returns an empty list

On 28.04.2015 06:47 AM, Vadim Kochan wrote:
> On Tue, Apr 28, 2015 at 06:33:18AM +0200, Mihai Moldovan wrote:
>> On 28.04.2015 06:05 AM, Vadim Kochan wrote:> So by default ss prints
>> socket with CONNECTED state and even UDP can be
>>> in the CONNECTED state on the Linux,
>> 
>> UDP can be in a CONNECTED state... ooookay. That's probably a conntrack 
>> thing.
>> 
>> 
>>> so you can specify 'ss -ua' (may be some explanation should be added to 
>>> the ss man page) which should print UDP sockets in the any state, AFAIK 
>>> it was the default behaviour before my changes.
>> 
>> Could this please be reverted? It's breaking other stuff that uses ss.
>> 
>> Also: ss -lxua returns an empty list, too. Previously, the families seem
>> to have been OR'd, while they are now ANDed?
>> 
>> 
>> 
>> Mihai
>> 
> 
> I will try to fix this ...

Thanks!

To be a bit more verbose about the rationale:

Changing the default behavior is generally a bad idea, unless strictly necessary
(e.g., if the previous default behavior was buggy anyway), because it may break
other software. Please try introducing behavioral changes via new options.

That way, dependencies will still work fine and anyone who wants to use the new
behavior can explicitly do so via a switch.

I could work around this by checking ss' version, but that turns out to be a
pain, too, because ss -V reports something like this:

"ss utility, iproute2-ss150413"

Not exactly a "friendly" version like "3.19.0" or "4.0.0" to check against...



Mihai



Download attachment "signature.asc" of type "application/pgp-signature" (885 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ