Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 7 Apr 2000 19:17:11 +0400 (MSD)
From:      "Alexander V. Tischenko" <flash@intech.hway.ru>
To:        freebsd-hackers@freebsd.org
Subject:   Strange issue with directed broadcasts
Message-ID:  <Pine.BSF.4.05.10004071856530.1350-100000@balin.intech.hway.ru>

next in thread | raw e-mail | index | archive | help
Hello Hackers,
Recently i stumbled accross strange security feature with ip_input().
The task i was performing required usage of net directed broadcasts
(samba, remote announce, freebsds as routers).
Those broadcasts never reached their subnets. I understand that it is
a security feature nowerdays :) , but probably router should have a
configurable mechanism (as ciscos for example) to forward or not
such beasts into their attached net. The code in question is around
lines 498 of ip_input.c version 1.131. No attempt is made to check
the interface the packet came in nor provisions for duplication.
As a result, clients and servers behind such router never see
announcements from remote, unless they reside on the router itself.
(Yes, i have to use direct ip non-broadcast announcements now, but
would prefer broadcasts for some reasons :)
My solution would be to check rcvif vs ia_ifp and accept the packet
as 'ours' only if those ifs are the same.
Note, that if we will not accept the packet, but forward it instead,
if will get back to us - feature of ethernet.

Any solutions, advice, reasons why not ?

Thank you in advance,
Alexander V. Tischenko
------------------------------------------------------------------------------
Integrated Network Technologies                 | Tel: +7 095 978-47-37
7, Miusskaya sq., Moscow, 125047 Russia         | Fax: +7 095 978-47-37
Internet: flash@hway.ru                         | NIC: AT55-RIPE



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10004071856530.1350-100000>