lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20241102161217.GA13003@breakpoint.cc>
Date: Sat, 2 Nov 2024 17:12:17 +0100
From: Florian Westphal <fw@...len.de>
To: namniart@...il.com
Cc: Florian Westphal <fw@...len.de>, netdev@...r.kernel.org
Subject: Re: Duplicate invocation of NF_INET_POST_ROUTING rule for outbound
 multicast?

namniart@...il.com <namniart@...il.com> wrote:
> Thanks for the quick reply; I will work through our build process and try to get that tested in the next few days.
> 
> I was thinking the fix for this might be more substantial; call NF_HOOK without a callback at the top of ip_mc_output to determine the fate of the packet,

The NF_QUEUE verdict can delegate this decision to a userspace process,
if this happened its too late to do the clone.

So this would work only if we had a way to remove support for NF_QUEUE
for multicast packets.  I don't think this can be done after two
decades.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ