lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <3041e5a8-b3c9-450e-8b4a-b541cd9ffe64@lunn.ch>
Date: Tue, 23 Apr 2024 01:59:12 +0200
From: Andrew Lunn <andrew@...n.ch>
To: SIMON BABY <simonkbaby@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: Ping failing with DSA enumerated ports with macb driver

> oot@...a7g5ek-sd:~# tcpdump -i eth0
> 
> tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
> 
> listening on eth0, link-type DSA_TAG_DSA (Marvell DSA), snapshot length 262144
> bytes
> 
> 19:09:06.730472 DSA port 8.0 > CPU, VLAN 1472u, 04:91:62:f2:fd:1c (oui Unknown)

This does not make any sense. This is the wrong direction. And VLAN
1472 ???

> > Broadcast Null Information, send seq 0, rcv seq 0, Flags [Command], length
> 307
> 
>         0x0000:  0000 0000 4011 78f7 0000 0000 ffff ffff  ....@...........
> 
>         0x0010:  0044 0043 0123 8af2 0101 0600 d429 7f9b  .D.C.#.......)..
> 
>         0x0020:  00bc 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0030:  0000 0000 0491 62f2 fd1c 0000 0000 0000  ......b.........
> 
>         0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
> 
>         0x0100:  0000 0000 6382 5363 3501 013d 0701 0491  ....c.Sc5..=....
> 
>         0x0110:  62f2 fd1c 370a 0103 060c 0f1a 212a 7879  b...7.......!*xy
> 
>         0x0120:  3902 0240 0c0c 7361 6d61 3767 3565 6b2d  9..@...ama7g5ek-
> 
>         0x0130:  7364 ff                                  sd.

This is too long for an ARP, which is typically 42 bytes.

Try running tcpdump with e and v options. And then think about what
you see.

    Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ