Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10)
From: risa () GSL KRALUPY CZ (Richard Bouska)
Date: Thu, 22 Jul 1999 22:54:42 +0200

diff -ur ../vger-990630/linux/net/ipv4/route.c linux/net/ipv4/route.c
--- ../vger-990630/linux/net/ipv4/route.c       Wed Jun 30 22:22:32 1999
+++ linux/net/ipv4/route.c      Tue Jul 13 17:00:52 1999
@@ -957,7 +957,7 @@

        if (rt->key.iif == 0)
                src = rt->rt_src;
-       else if (fib_lookup(&rt->key, &res) == 0)
+       else if (fib_lookup(&rt->key, &res) == 0 && res.type != RTN_NAT)
                src = FIB_RES_PREFSRC(res);
        else
                src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
RT_SCOPE_UNIVERSE);

Andrej Todosic writes:


Correction :

this happens only when going through the NAt code.

I just tested and only time when it crashes is when one of the ends is in
NAT
( i haven tested with both endss in NAT but thats rare to find anyways )

so to resume:

kernel 2.2.10
ip utility
ipchains
one of the networks is NAT-ed

ping -R a NAT ed ip from a real ip ( it has to go through the fw )
or ping -R  a real ip from a NATed one
fw has to be below hop 9 on this road otherwise it doesnt work.

Result : complete kernel panic


my ip nat rules are rather simple .
so i belive anyone should be able to reproduce the problem.



comments ?
fixes ?




-----Original Message-----
From: Andrej Todosic [mailto:atodosic () ubisoft qc ca]
Sent: Thursday, July 22, 1999 10:04 AM
To: linux-kernel () vger rutgers edu
Subject: ping -R causes kernel panic on a forwarding machine ( 2.2.5 and
2 .2.10)



hello ,

i belive this is an old problem since this is not the first time i heard
about it.

ping ing with ping -R from through a firewall machine make the firewall go
into kernel panic
tried to kill idle task
not syncing

etc. etc.

does anyone know a fix for the problem ?

or a set of rules that will fix the problem ?

i believe ping -R works only on about nine hops... what bothers me
is that nine hops can be a lot of subnets :(


Thanks for any help






-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo () vger rutgers edu
Please read the FAQ at http://www.tux.org/lkml/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo () vger rutgers edu
Please read the FAQ at http://www.tux.org/lkml/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]