bugzilla-daemon at bugzilla.netfilter.org
2012-Jun-27 20:23 UTC
[Bug 795] New: RELATED doesn't accommodate multicast UDP solicitation resulting in unicast reply
http://bugzilla.netfilter.org/show_bug.cgi?id=795
Summary: RELATED doesn't accommodate multicast UDP solicitation
resulting in unicast reply
Product: netfilter/iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ip_conntrack
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: philipp at redfish-solutions.com
Estimated Hours: 0.0
If I send out a packet like (tcpdump output):
16:37:56.642134 IP 192.168.1.25.34699 > 239.255.255.250.ssdp: UDP, length 135
..^....'.Y8...E..... at ................l..AQM-SEARCH * HTTP/1.1
HOST: 239.255.255.250:1900
MAN: "ssdp:discover"
MX: 2
ST: urn:schemas-upnp-org:device:WANConnectionDevice:1
And a unicast response comes back to the same source tuple (UDP,
192.168.1.25.34699)...
16:37:56.645110 IP 192.168.1.1.ssdp > 192.168.1.25.34699: UDP, length 310
.'.Y8.h.t.{...E..R. @. at ............l...>2.HTTP/1.1 200 OK
CACHE-CONTROL: max-age=130
DATE: Sat, 16 Jun 2012 16:37:49 GMT
EXT:
LOCATION: http://192.168.1.1:2869/gatedesc.xml
SERVER: Linux/2.6.15 UPnP/1.0
ST: urn:schemas-upnp-org:device:WANConnectionDevice:1
USN:
uuid:687f7406-7b12-627f-740::urn:schemas-upnp-org:device:WANConnectionDevice:1
yet I see the firewall sending back a REJECT, rather than seeing the inbound
packet as being "related".
16:37:56.645145 IP 192.168.1.25 > 192.168.1.1: ICMP host 192.168.1.25
unreachable - admin prohibited, length 346
h.t.{..'.Y8...E..n.... at .RH.........
......E..R. @. at ............l...>2.HTTP/1.1 200 OK
CACHE-CONTROL: max-age=130
DATE: Sat, 16 Jun 2012 16:37:49 GMT
EXT:
LOCATION: http://192.168.1.1:2869/gatedesc.xml
SERVER: Linux/2.6.15 UPnP/1.0
ST: urn:schemas-upnp-org:device:WANConnectionDevice:1
USN:
uuid:687f7406-7b12-627f-740::urn:schemas-upnp-org:device:WANConnectionDevice:1
A new value like "MRELATED" should be added to handle multicast
requests
resulting in unicast replies.
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=832733
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Jun-27 20:23 UTC
[Bug 795] RELATED doesn't accommodate multicast UDP solicitation resulting in unicast reply
http://bugzilla.netfilter.org/show_bug.cgi?id=795
Philip Prindeville <philipp at redfish-solutions.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |philipp at redfish-solutions.c
| |om
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2013-Feb-14 16:22 UTC
[Bug 795] RELATED doesn''t accommodate multicast UDP solicitation resulting in unicast reply
http://bugzilla.netfilter.org/show_bug.cgi?id=795
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |pablo at netfilter.org
AssignedTo|netfilter-buglog at lists.netf |pablo at netfilter.org
|ilter.org |
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> 2013-02-14
17:22:29 CET ---
A new SSDP helper for conntrackd, now that we support userspace helpers, would
help for that.
What software is generating that traffic?
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2013-Feb-14 16:29 UTC
[Bug 795] RELATED doesn''t accommodate multicast UDP solicitation resulting in unicast reply
http://bugzilla.netfilter.org/show_bug.cgi?id=795 --- Comment #2 from Philip Prindeville <philipp at redfish-solutions.com> 2013-02-14 17:29:53 CET --- (In reply to comment #1)> A new SSDP helper for conntrackd, now that we support userspace helpers, would > help for that. > > What software is generating that traffic?Poco. It''s a C++ toolkit: http://www.pocoproject.org/ -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
Maybe Matching Threads
- [Bug 795] RELATED doesn't accommodate multicast UDP solicitation resulting in unicast reply
- List windows clients/machines in network list (win 7)
- Why are Samba DCs not browsable?
- Possible multicast problem with UPnP Media Server
- Folders with ~ (tilde) slow to save