[lwip-devel] [bug #60607] IP traffic "leaks" between netifs

From: Indan Zupancic
Subject: [lwip-devel] [bug #60607] IP traffic "leaks" between netifs
Date: Mon, 17 May 2021 11:48:34 -0400 (EDT)
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36

Follow-up Comment #5, bug #60607 (project lwip):

Mind that RFC 1122 still does routing based on src and dst IP addresses; lwIP
already makes it possible to do that by implementing LWIP_HOOK_IP4_ROUTE_SRC
as a user.

We didn't use that because we needed other things and because we already know
the interface, so looking up the interface by address is unnecessary.

Other things we needed to do:

- "Fix" ip4_input().
- Always send ICMP replies over the same interface as the received packet.
- Always send TCP RST back over the same interface as the received packet. (I
see patch #9988 fixed this in the meantime.)
- Autobind new pcbs created by tcp_listen_input() to the interface the SYN
came from.
- Honour p->if_idx for outgoing UDP packets.
- Change SNMP code to send packets over the configured interface.

We do bind most sockets to specific interfaces/addresses in application code
too, except TCP listen sockets and some SNMP UDP sockets.

As this is very specific for our use case (hard separation between
interfaces), I am not sure how generally useful this is, though for embedded
systems you would expect this to be more common. We could split the above into
multiple feature defines instead of the one we use now.

What is the lwIP maintainers' opinion about this?


  Message sent via Savannah
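
The difference between destination-only routing and the source-based routing mentioned in the comment above, as an added example that is not code from the post or from lwIP. It uses a simplified stand-in for a netif table instead of lwIP's own types; the interface names, the addresses and the "NULL means drop" policy are constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for an lwIP netif (assumption, not the real struct). */
struct model_netif {
    const char *name;
    uint32_t ip;       /* host byte order */
    uint32_t netmask;
};

#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                         ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Constructed setup: two interfaces that must stay separated. */
static const struct model_netif netifs[] = {
    { "en0", IP4(192, 168, 1, 10), IP4(255, 255, 255, 0) }, /* default netif */
    { "en1", IP4(10, 0, 0, 10),    IP4(255, 255, 255, 0) },
};
#define NUM_NETIFS (sizeof(netifs) / sizeof(netifs[0]))

/* Destination-only routing: on-link match, otherwise the default netif. */
const struct model_netif *route_by_dest(uint32_t dest)
{
    for (size_t i = 0; i < NUM_NETIFS; i++) {
        if ((dest & netifs[i].netmask) == (netifs[i].ip & netifs[i].netmask))
            return &netifs[i];
    }
    return &netifs[0];
}

/* Source-based routing: the netif that owns the source address sends the
 * packet. In this model an unknown source returns NULL and is dropped. */
const struct model_netif *route_by_src(uint32_t src, uint32_t dest)
{
    (void)dest; /* the destination plays no role in the isolation decision */
    for (size_t i = 0; i < NUM_NETIFS; i++) {
        if (netifs[i].ip == src)
            return &netifs[i];
    }
    return NULL;
}

int main(void)
{
    /* Reply from en1's address to an off-link peer (constructed address). */
    uint32_t src = IP4(10, 0, 0, 10), dest = IP4(203, 0, 113, 5);
    printf("dest-only: %s\n", route_by_dest(dest)->name);
    printf("src-based: %s\n", route_by_src(src, dest)->name);
    return 0;
}
```

With destination-only routing the reply to the off-link peer leaves through the default interface even though its source address belongs to the other one; selecting by source address keeps it on the interface that owns that address.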