lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Fri, 11 Nov 2016 16:18:13 -0500
From:   "Brian J. Murrell" <brian@...erlinx.bc.ca>
To:     netdev@...r.kernel.org
Subject: do bridge members need to be listed in /proc/net/dev_mcast

Hi.

I have a Linux router running 3.18.23 with IPv6 as well as IPv4
interfaces.  It doesn't seem to be hearing IPv6 multicast packets
though.

For example, it won't hear and respond to either router or neighbour
discovery packets unless i put the interface in promiscuous mode with
tcpdump.  I'm a bit stumped at what could cause that.

The interface that is not hearing the IPv6 multicast packets is a
bridge with an ethernet and wifi interfaces as members:

# brctl show br-lan
bridge name	bridge id		STP enabled	interfaces
br-lan		7fff.26d42cb3eadf	no		eth0.1
							wlan0
							wlan1

The bridge does have the right multicast addresses configured in
/proc/net/dev_mcast:

8    br-lan          1     0     333300000001
8    br-lan          1     0     333300000002
8    br-lan          1     0     01005e000001
8    br-lan          1     0     3333ff000001
8    br-lan          1     0     3333ffb3eadf
8    br-lan          1     0     3333ff000000
8    br-lan          1     0     01005e000005
8    br-lan          1     0     01005e000006

But what is interesting is that the wlan{0,1} interfaces that are in
the br-lan bridge are in the /proc/net/dev_mcast also:

15   wlan1           2     0     333300000001
15   wlan1           2     0     333300000002
15   wlan1           2     0     01005e000001
15   wlan1           2     0     3333fff51e4c
15   wlan1           2     0     3333ff000000
16   wlan0           2     0     333300000001
16   wlan0           2     0     333300000002
16   wlan0           2     0     01005e000001
16   wlan0           2     0     3333fff51e4a
16   wlan0           2     0     3333ff000000

But the ethernet member, eth0.1 is not.

Is it sufficient to have a bridge interface in /proc/net/dev_mcast or
do all of it's member interfaces need the respective multicast
addresses listed in that file also?  It just seems odd to me that the
wlan interfaces are there but the ethernet interface is not.

If it is sufficient to have just the bridge in /proc/net/dev_mcast what
else could be causing this "deafness" to multicast that is resolved by
putting the interface into promiscuous mode?

Cheers,
b.

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ