• Stephen Hemminger's avatar
    [BRIDGE]: Ethernet bridge fixes. · 317cfe29
    Stephen Hemminger authored
    	1. STP protocol has no security, so malcontents can fuck with the
    	  bridge's topology.  The fixes are to ship with STP turned off
    	  to protect the ignorant, and run STP packets through ebtables
    	  netfilter for the smart.  
    
    	  Got this one via a russian hacker "Oleg K. Artemjev" <olli@rbauto.ru>
    	  before he published the paper.
    	  Bridge netfilter still needs work to give a nice face on this
    	  but this patch gives the hooks to filter.
    
    	2. STP input processing was lax in it's length checking so I bet
    	  you could make up a bomb packet.
    
    	  My inspection while doing #1.
    
    	3. Forwarding table could be abused by sending forged packets with
    	   bogus source address same as the local host.  This came via
    	   Lennart from Jerry Kreuscher <jerrykr@mindspring.com> who ran into
    	   it by mistake.
    317cfe29
br_stp_bpdu.c 5.13 KB