From: Ville Nuorvala <vnuorval@tcs.hut.fi>
To: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: Re: [PATCH 6/6] IPv6: Fix infinite loop if no matching IPv6 tunnel found
Date: Thu, 02 Nov 2006 16:22:07 +0200 [thread overview]
Message-ID: <4549FF0F.6020705@tcs.hut.fi> (raw)
In-Reply-To: <20061102.231810.119656005.yoshfuji@linux-ipv6.org>
On 11/02/06 16:18, YOSHIFUJI Hideaki wrote:
> In article <4549EFA7.50004@tcs.hut.fi> (at Thu, 02 Nov 2006 15:16:23 +0200), Ville Nuorvala <vnuorval@tcs.hut.fi> says:
>
>> On 11/02/06 14:59, YOSHIFUJI Hideaki wrote:
>>> In article <4549D8E7.1040409@tcs.hut.fi> (at Thu, 02 Nov 2006 13:39:19 +0200), Ville Nuorvala <vnuorval@tcs.hut.fi> says:
>>>
>>>> read_unlock(&ip6ip6_lock);
>>>> - return 1;
>>>> -
>>>> + icmpv6_send(skb, ICMPV6_DEST_UNREACH,
>>>> + ICMPV6_ADDR_UNREACH, 0, skb->dev);
>>>> discard:
>>> I'd argue this. We probably should not send back any ICMPv6 packets
>>> to the original sender in this case to avoid DoS.
>> Sorry, I don't follow you. I don't see the DoS scenario here (after we
>> apply the patch, that is ;-).
>
> Well, leaving aside whether sending icmpv6 is good thing (*),
> the code for sending icmpv6 was moved from ip6_tunnel.c
> to tunnel6.c by commit-id 50fba2aa7cefa6b0e1768cb350c9e69042320c03
> by Herbert.
>
> The ip6_tunnel.c change that Herbert made does not seem consistent
> with ipip.c change. To fix your issue the appropriate change is just
> fall through to discard section, as we're doing for ipip.c.
>
> Please do not re-add sending icmpv6 logic here.
> If you DO think it is appropriate, please fix other codes
> such as ipip.c, and your comment.
Ok, I'll resubmit a patch doesn't send an ICMPv6 error message.
Regards,
Ville
next prev parent reply other threads:[~2006-11-02 14:22 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-11-02 11:39 [PATCH 6/6] IPv6: Fix infinite loop if no matching IPv6 tunnel found Ville Nuorvala
2006-11-02 12:59 ` YOSHIFUJI Hideaki / 吉藤英明
[not found] ` <4549EFA7.50004@tcs.hut.fi>
2006-11-02 14:18 ` YOSHIFUJI Hideaki / 吉藤英明
2006-11-02 14:22 ` Ville Nuorvala [this message]
2006-11-14 0:57 ` David Miller
2006-11-14 13:16 ` Ville Nuorvala
2006-11-25 1:12 ` David Miller
2006-11-03 9:08 ` Ville Nuorvala
2006-11-03 10:26 ` Tero Kauppinen (JO/LMF)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4549FF0F.6020705@tcs.hut.fi \
--to=vnuorval@tcs.hut.fi \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.