[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Resolved: locking oneself out, unroutable addresses



Pascal Hambourg <pascal.mail@plouf.fr.eu.org> writes:
> Daniel Pittman a écrit :
>>>>>
>>>>>>So, can anyone suggest what I should do with packets that have a
>>>>>>source address of 0.0.0.0?
>>>>>
>>>>>Junk them -- they have no real business on your network, as 0.0.0.0
>>>>>isn't a valid assigned address on the live Internet.
>>>>
>>>> Except at least when you use DHCP on your network. DHCP clients use
>>>> 0.0.0.0 as a source address when issuing DHCP requests until they
>>>> get a regular address from the server.
>> Heh.  That wont help: you can't assign 0.0.0.0 to an interface in
>> Linux,
>> so the DHCP client uses a "packet socket" -- reading direct from the
>> interface, bypassing the firewall.
>
> That sounds consistant. But what about the DHCP server side ?

It made the ISC DHCP developers very unhappy when it changed within
Linux, and I believe that the same is required on the server side
because you cannot assign 0.0.0.0 as a valid source address their
either.

        Daniel



Reply to: