[Dnsmasq-discuss] 2.80 dnspooq v3 problem
sunil rathod
srathod1980 at gmail.com
Fri Dec 3 11:32:21 UTC 2021
Hi Petr,
I have used the following patches for 2.80 release along with dnspooq patch
to resolve the bugs.
Does this patch have any implications with the "SO_BINDTODEVICE" option in
sockets. In my system, when DNS replies arrive on the interface, the kernel
seems to drop these because of a mismatched socket. After the kernel
upgrade, I see this problem. Is there a way we can bind to an IP address
rather than interface for forwarding interf
1.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014789.html
2.
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
3.
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=8f9bd615053cd13aba82a111ec20bb79d25a2d1e
Regards,
Sunil
On Fri, 2 Apr 2021 at 05:21, Simon Kelley <simon at thekelleys.org.uk> wrote:
>
>
> On 31/03/2021 08:50, Petr Menšík wrote:
> > Hi Sunil,
> >
> > This is exactly the same issue I reported on thread [1]. Unfortunately
> > it haven't got merged separately, but it should be patched by
> > CVE-2021-3448 fix [2]. It happens only when you have rp_filter set to 1.
> > The root cause of this is the lookup_frec part change in commit
> > 8f9bd615053cd [3], including the part added previously by commit [2].
> >
> > Yes, these are uncovered bugs not found when testing dnspooq patches.
> > The root of the issue was there also before, but it stopped working only
> > after dnspooq patches. They are related.
> >
>
> Thanks Petr, Given the above.
>
> 1) This is not fixed in the 2.80 dnspooq v3 patches.
> 2) It is fixed in the forthcoming 2.85 release.
>
> Simon.
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20211203/eecc1b94/attachment.htm>
More information about the Dnsmasq-discuss
mailing list