lwip-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-devel] etharp.c updating


From: Kieran Mansley
Subject: Re: [lwip-devel] etharp.c updating
Date: Sun, 12 Jun 2011 19:34:22 +0100

On 12 Jun 2011, at 17:19, Leon Woestenberg wrote:
> 
> However, I think the former behaviour (update on any ARP) was correct:

I think, from memory, this change was introduced to avoid the problem of a 
third-party spoofing an ARP reply with bogus values, causing our stack to 
update its ARP table, and resulting in us sending packets to the wrong 
destination address.  By restricting updates to the table to those ARP requests 
we've made we limit our vulnerability.  Perhaps the RFC quoted in the commit 
message was not the correct one, and there has been a more recent update? I 
think the current lwIP behaviour is now pretty standard.  Apologies if I've 
misunderstood though.

Is there a downside to the current behaviour?  As I see it we keep the ARP 
table small this way too, and so it tends to only have entries for addresses 
we're communicating with, rather than filling up with all the addresses of the 
current broadcast domain.

Kieran


reply via email to

[Prev in Thread] Current Thread [Next in Thread]