| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250216095005.GC1615191@kernel.org>
Date: Sun, 16 Feb 2025 09:50:05 +0000
From: Simon Horman <horms@...nel.org>
To: Eric Dumazet <edumazet@...gle.com>
Cc: "David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
netdev@...r.kernel.org, David Ahern <dsahern@...nel.org>,
Paul Ripke <stix@...gle.com>, eric.dumazet@...il.com
Subject: Re: [PATCH net-next 2/2] ipv6: fix blackhole routes
On Wed, Feb 12, 2025 at 04:43:23PM +0000, Eric Dumazet wrote:
> For some reason, linux does not really act as a blackhole
> for local processes:
>
> ip route add blackhole 100::/64 # RFC 6666
> ip route get 100::
> RTNETLINK answers: Invalid argument
> ping6 -c2 100::
> ping6: connect: Invalid argument
> ip route del 100::/64
>
> After this patch, a local process no longer has an immediate error,
> the blackhole is simply eating the packets as intended.
>
> Also the "route get" command does not fail anymore.
>
> ip route add blackhole 100::/64
> ip route get 100::
> blackhole 100:: dev lo src ::1 metric 1024 pref medium
> ping6 -c2 100::
> PING 100:: (100::) 56 data bytes
>
> --- 100:: ping statistics ---
> 2 packets transmitted, 0 received, 100% packet loss, time 1019ms
Hi Eric,
Sorry to nit-pick on something that is nothing to do with the change
itself. But could you reformat the above somehow as git will cut off
the commit message at the ("^---") above. Which amongst other things
means the patch will end up without a Signed-off-by line in git.
>
> ip route del 100::/64
>
> Reported-by: Paul Ripke <stix@...gle.com>
> Signed-off-by: Eric Dumazet <edumazet@...gle.com>
...
Powered by blists - more mailing lists