Bugtraq mailing list archives
Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt
From: miquels () CISTRON NL (Miquel van Smoorenburg)
Date: Sat, 12 Apr 1997 12:04:51 +0200
In article <Pine.LNX.3.96.970411235054.377A-100000 () litterbox org>, Sean B. Hamor <hamors () LITTERBOX ORG> wrote:
A problem exists in IP Masquerade under Linux which allows traffic to be passed to external networks even after the gateway host has been halted. As long as a connection has been established from an internal machine via the IP Masquerade gateway to an external host and the Ethernet interfaces inside the machine are still being supplied power, that connection will stay online in a fully interactive state.
That might be true - the kernel as such keeps running if it is halted, since a halt in Linux only means "kill all processes and then run an idle loop". I don't believe the kernel keeps running during a warm reboot, sorry... Anyway, the latest halt and reboot of sysvinit (2.70) have a command line switch "-i", which finds and shuts down all network interfaces. If you get that one, and add a "-i" option to all calls to halt and reboot in your init scripts, you're safe. It might be better to fix this in the kernel.. Mike.
Current thread:
- Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt Miquel van Smoorenburg (Apr 12)
- Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt Alan Cox (Apr 13)
- [ANNOUNCE]: ipfilter for FreeBSD2.2.x + FreeBSD3.0-current Julian Assange (Apr 13)
- Re: [ANNOUNCE]: ipfilter for FreeBSD2.2.x + FreeBSD3.0-current Perry E. Metzger (Apr 13)
- 2nd Linux kernel patch to remove stack exec Solar Designer (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Solar Designer (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec David S. Miller (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- more l0phtcrack errata Systemkennung Linux (Apr 13)