BindToAddress: TCP connections originate from random source address.

Rob Townley rob.townley at gmail.com
Wed Jun 10 21:31:52 CEST 2009


If one doesn't want a patch, wouldn't

/sbin/ip rule help

fix this?

On 5/26/09, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Tue, May 26, 2009 at 06:06:37PM +0200, Florian Forster wrote:
>
>> I've stumbled upon a problem which I can't solve easily with the
>> available options in tinc - at least as far as I see. If enlightenment
>> is all I need, I'll happily accept pointers ;)
> [...]
>> The problem is that `BindToAddress' is only used for *listening* TCP
>> sockets, not for sending TCP sockets.
> [...]
>> On the other hand, the UDP sockets are
>> bound and used for both, sending and receiving.
> [...]
>> The function `handle_incoming_vpn_data' then fails to look up the host
>> entry belonging to this IP address and I get the error printed in
>> line 559:
>>
>>   Received UDP packet from unknown source 2001:780:0:1e::1
>>
>> I propose to check the `BindToAddress' configuration in
>> `do_outgoing_connection' and, if set, bind TCP sockets to that address,
>> too.
>
> Yes, that is a simple solution that should work. The same change should
> probably also be made for BindToInterface then.
>
>> Are there any comments, suggestions, or objections? Otherwise I'd write
>> a quick patch..
>
> A patch would be welcome! But I still wonder about the configure.in patch
> you sent?
>
> --
> Met vriendelijke groet / with kind regards,
>      Guus Sliepen <guus at tinc-vpn.org>
>
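The change proposed in the quoted message (bind the outgoing TCP socket before `connect()`), shown as an added example that is not tinc's code and not part of this thread. The helper names `connect_from` and `peer_seen_as` are hypothetical, and 127.0.0.2 stands in for the `BindToAddress` value, assuming a Linux loopback where any 127.0.0.0/8 address can be bound.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Connect to 127.0.0.1:port. If bind_ip is set, bind the outgoing socket to
 * it first (port 0 = kernel picks the source port). Returns fd or -1. */
static int connect_from(const char *bind_ip, unsigned short port) {
    struct sockaddr_in sa = { .sin_family = AF_INET };
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    if (bind_ip && (inet_pton(AF_INET, bind_ip, &sa.sin_addr) != 1 ||
                    bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0)) {
        close(fd);
        return -1;
    }
    sa.sin_port = htons(port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (connect(fd, (struct sockaddr *)&sa, sizeof sa) < 0) { close(fd); return -1; }
    return fd;
}

/* 1 if the listener sees the peer as expect_ip, 0 if not, -1 on error. */
int peer_seen_as(const char *bind_ip, const char *expect_ip) {
    struct sockaddr_in la = { .sin_family = AF_INET }, pa;
    socklen_t len = sizeof la;
    char seen[INET_ADDRSTRLEN] = "";
    int c = -1, a = -1, ls = socket(AF_INET, SOCK_STREAM, 0);
    la.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: ephemeral */
    if (ls >= 0 && bind(ls, (struct sockaddr *)&la, sizeof la) == 0 &&
        listen(ls, 1) == 0 && getsockname(ls, (struct sockaddr *)&la, &len) == 0)
        c = connect_from(bind_ip, ntohs(la.sin_port));
    len = sizeof pa;
    if (c >= 0 && (a = accept(ls, (struct sockaddr *)&pa, &len)) >= 0)
        inet_ntop(AF_INET, &pa.sin_addr, seen, sizeof seen);
    if (c >= 0) close(c);
    if (ls >= 0) close(ls);
    if (a < 0) return -1;
    close(a);
    return strcmp(seen, expect_ip) == 0;
}

int main(void) {
    printf("unbound  -> seen as 127.0.0.1: %d\n", peer_seen_as(NULL, "127.0.0.1"));
    printf("bound .2 -> seen as 127.0.0.2: %d\n", peer_seen_as("127.0.0.2", "127.0.0.2"));
    return 0;
}
```

Without the `bind()`, the kernel's route lookup chooses the source address, so the listener can see an address different from the one its peer table expects.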


More information about the tinc-devel mailing list