libnetfilter-queue and lsi
Bug #1221361 reported by
Miika Komu
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
HIPL |
New
|
High
|
Pupu Toivonen |
Bug Description
Juhani noticed a bug with the LSI code. With hipd+hipfw default flags for the binaries, pinging LSI stops working if he runs "sudo true" on either host. Apparently sudo tries to make a loopback connection by coupling an LSI with an IPv6 address in the src/dst address pair Possibly could be solved with some extra sanity checking in the firewall.
Apparently this bug occurred after the merge of the libnetfilter-queue code.
To post a comment you must log in.
The default flags are:
* hipd: -bkN
* hipfw: -bklpF
I can't repeat this on two 64-bit precise machines. I even tried logging with ssh over an LSI and then ran sudo, but pinging of the LSI still works. Juhani, please let me know if I got something wrong.