Re: Iptables ipt_unclean bug?

=?ISO-8859-2?Q?Kajt=E1r_Zsolt?= (soci@firewall.sch.bme.hu)
Wed, 20 Jun 2001 11:56:36 +0200 (CEST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Heiki Kask: "cs5530 and UDMA implementation questions"
Previous message: Gleb Natapov: "Re: Should VLANs be devices or something else?"
Maybe in reply to: =?ISO-8859-2?Q?Kajt=E1r_Zsolt?=: "Iptables ipt_unclean bug?"

> In message <Pine.LNX.4.21.0106190104020.414-100000@firewall.sch.bme.hu>
> you write:
> >
> > Hi all!
> >
> > I think it's possible to hang the kernel useing isic 0.05
> > (www.packetfactory.net/Projects/ISIC/), when there's a unclean match
> > in iptables rules.

> Thanks for the bug report. I've just done an audit of the unclean
> code: patch against 2.4.5 is below. There were some bad thinkos there,
> two fatal.

2 infinite loops ;)

After patching now everything seems to be ok.

But there must be some other bug somewhere in TCP/IP stack or af_packet
(or my machine is just crap ;) ), because after ~5 mins I can still hang
my kernel on loopback WITHOUT iptables... Will check which one is on fault
on my home network...

-soci-

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Heiki Kask: "cs5530 and UDMA implementation questions"
Previous message: Gleb Natapov: "Re: Should VLANs be devices or something else?"
Maybe in reply to: =?ISO-8859-2?Q?Kajt=E1r_Zsolt?=: "Iptables ipt_unclean bug?"