| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191210091241.0c6df09e@cakuba.netronome.com>
Date: Tue, 10 Dec 2019 09:12:41 -0800
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: subashab@...eaurora.org
Cc: Maciej Żenczykowski <zenczykowski@...il.com>,
"David S . Miller" <davem@...emloft.net>,
Linux Network Development Mailing List
<netdev@...r.kernel.org>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Sean Tranchetti <stranche@...eaurora.org>,
Eric Dumazet <edumazet@...gle.com>,
Linux SCTP <linux-sctp@...r.kernel.org>
Subject: Re: [PATCH v2] net: introduce ip_local_unbindable_ports sysctl
On Tue, 10 Dec 2019 07:00:29 +0000, subashab@...eaurora.org wrote:
> > Okay, that's what I was suspecting. It'd be great if the real
> > motivation for a patch was spelled out in the commit message :/
> >
> > So some SoCs which run non-vanilla kernels require hacks to steal
> > ports from the networking stack for use by proprietary firmware.
> >
> > I don't see how merging this patch benefits the community.
>
> This is just a transparent proxy scenario though.
> We block the specific ports so that there is no unrelated traffic
> belonging to host proxied here incorrectly.
It's a form of one, agreed, although let's be honest - someone reading
the transparent proxy use case in the commit message will not think of
a complex AP scenario, but rather of a locally configured transparent
proxy with IPtables or sockets or such.
Powered by blists - more mailing lists