} } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } },
, , { 0 }, { 0 }, 0, 0, 0 },
+{ { { { 0 }, { 0 }, { 0 }, { 0 }, , , { 0 }, { 0 }, 0, 0, 0 },
Please, someone on the kernel side check these differences!
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
Hi,
- Hungarian FAQ update (sync)
- SGML fix to FAQ
regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /-Member of the BUTE-MIS-SEARCHlab--
--- netfilter/FAQ
:
how can I specify a signed and encrypted packet?
(Ex. SPIs AH=101 ESP=120. The packet is: IPv4-AH-ESP)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED
, please test them, if You've got a lot of free time!
:)
2.
Extensions-HOWTO update for these matches
(And added a status filed to the ipv6 extensions)
3.
The CVS still borken, somehow the library did not renamed with the match
( agr - eui64)
Regards,
kisza
--
Andras Kis-Szabo
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /--
signature.asc
Description: This is a digitally signed message part
.
(I've got some tcpdump files which can be resend with this tool)
regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /--
diff -urN
header.
(I've got some tcpdump files which can be resend with this tool)
Cool, patch applied to CVS.
Some example packet can be found at:
http://www.securityaudit.hu/Netfilter/addons/TestPackets/
(used them for ipv6header, ah and esp matches)
regards,
kisza
--
Andras Kis
[--fragmore|--fraglast] there are more fragments or this
is the last one
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED
and IPIP tunnels can be concerned, too!
(The SIT implementation cloned from them. I haven't got configured gre
and/or ipip tunnel :( )
Regards,
kisza
Harald: added 2 checks for the pointers inside the skb area.
(mac under- and ip overflow checks)
--
Andras Kis-Szabo Security
):
iptables -t nat -A PREROUTING -p tcp --dport 666 -m ttl --ttl-gt 4 -j DNAT --to
172.16.3.26:22
iptables -t nat -A PREROUTING -m ttl --ttl-lt 5 -j LOG --log-prefix Evil
hax0r
(So it is not hardcoded as in IPFilter ... )
Regards,
kisza
--
Andras Kis-Szabo Security Development
:4d:5d:aa:00:04:00:01:04:08:00 SITSRC=xxx.xxx.xx.xxx
SITDST=yyy.yy.yyy.yyy SRC=2001:0200::4819:0210:f3ff:fe03:04d0
DST=3ffe:0b80:0002::::: LEN=104 TC=0 HOPLIMIT=54
FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=49685 SEQ=512
Regards,
kisza
--
Andras Kis-Szabo
, and there isn't at the '-L' to avoid
the spaces.
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /--
diff -urN netfilter-old/userspace
' is OK, but can I set the hotdrop or not?
(w/o hotdrop=1, I simply discards the packet,
with it, I deny the whole sending mechanism, the userspace gets back an
'operation not permitted' msg.)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
/addons/TestPackets
(1 truncated AH packet and 4 routing packets)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /--
diff -urN
hi,
- remove check of find_proto(), since do_command() can be called multiple times,
and match will be loaded after first call.
- remove the '-C' option (from help msgs)
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/Zorp
--
Andras Kis-Szabo Security Development, Design and Audit
-/Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /-Member of the BUTE-MIS-SEARCHlab--
.
(In IPv6-ICMP the length-limit is ~1298 bytes, ...)
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /-Member of the BUTE-MIS-SEARCHlab--
it as soon as I find some free
time.
(My final exams - for MSc - are more important in these days and Jozsef
is engaged in it, too.)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-/Zorp, NetFilter and IPv6
[EMAIL
18 matches
Mail list logo