| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170924013325.7ywkdfdlzeflsbl2@nataraja>
Date: Sun, 24 Sep 2017 09:33:25 +0800
From: Harald Welte <laforge@...monks.org>
To: Andreas Schultz <aschultz@...p.net>
Cc: David Miller <davem@...emloft.net>, tom@...ntonium.net,
netdev@...r.kernel.org, pablo@...filter.org, rohit@...ntonium.net
Subject: Re: [PATCH net-next 03/14] gtp: Call common functions to get tunnel
routes and add dst_cache
Hi Andreas,
On Wed, Sep 20, 2017 at 05:37:52PM +0200, Andreas Schultz wrote:
> I think we had this discussion before. The sending IP and port are not part
> of the identity of the PDP context. So IMHO the sender is permitted
> to change the source IP at random.
Thanks for the reminder: You are correct, at least in the uplink case
(MS->GGSN) where there is mobility of the MS. In the downlink case
(GGSN->MS), which is the "sending" part for the kernel GTP code used at
a GGSN, I'm not sure if that theory holds true in reality.
Do you agree that the current behavior of not using automatic source
address selection for encapsulated GTP packets but rather using the
source address of the socket is intended?
Do you further agree that the dst_cache support patch by Tom retains
that intended behavior and it should be merged?
--
- Harald Welte <laforge@...monks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Powered by blists - more mailing lists