BIND 10 #3233: Kea4: We send back ICMP Port Unreachable for each incoming packet
BIND 10 Development
do-not-reply at isc.org
Thu Nov 14 10:56:13 UTC 2013
#3233: Kea4: We send back ICMP Port Unreachable for each incoming packet
-------------------------------------+-------------------------------------
Reporter: tomek | Owner:
Type: | Status: new
defect | Milestone: DHCP
Priority: | Outstanding Tasks
medium | Keywords:
Component: dhcp4 | Sensitive: 0
CVSS Scoring: | Sub-Project: DHCP
Defect Severity: N/A | Estimated Difficulty: 0
Feature Depending on Ticket: | Total Hours: 0
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
For each incoming DHCPv4 packet, we send back ICMP Port Unreachable.
There are at least two ways to fix that. One is to open a UDP socket and
ignore whatever comes through it. Another is to add a rule to iptables.
Yet another is to use LPF to essentially add a rule.
Keep in mind that it is the OS that sends this back, not Kea.
I think it makes sense to open normal socket, because admins then may use
standard commands to look at open sockets.
--
Ticket URL: <http://bind10.isc.org/ticket/3233>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list