lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3167EFAB95044A4EB6B134B9A39AA98A055B5E50@xmb-rcd-x05.cisco.com>
Date:	Tue, 14 Jul 2015 11:18:27 +0000
From:	"Yigal Reiss (yreiss)" <yreiss@...co.com>
To:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: [PATCH] brouted packet identified as PACKET_OTHERHOST blocked
 by higher protocol

Florian Westphal <fw@...len.de> wrote:
> Yigal Reiss (yreiss) <yreiss@...co.com> wrote:
> > The problem I'm trying to solve is that when packets being sent from
> one bridged interface to the other are "brouted" they get dropped by the
> IP layer. The reason is that the packet being raised has pkt_type of
> type PACKET_OTHERHOST.
> 
> No, thats not the problem you're trying to solve.
> 
> If you want to move OTHERHOST skbs, don't (b)route them?
> 
> Whats the real issue that you're trying to solve?

I want to (b)route them because I want to be able to inspect the packets in higher levels
(through iptables or user space IPS).

Once I do that (i.e. (b)route by applying an appropriate ebtables rule), the corresponding
packets get dropped unless I apply the patch.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ