|Summary:||Possible Denial of Service when using dhcp on red|
|Product:||IPFire||Reporter:||Jonatan Schlag <jonatan.schlag>|
|Component:||---||Assignee:||Assigned to nobody - feel free to grab it and work on it <nobody>|
|Status:||CLOSED FIXED||QA Contact:|
|Priority:||Will affect most users||CC:||andreas, arne.fitzenreiter, jonatan.schlag, michael.tremer, peter.mueller|
|Attachments:||Logs of the Firewall, reduced to the interesting parts|
Description Jonatan Schlag 2020-04-07 15:46:22 UTC
Hi, I will a further Information when this bug is marked as private. Greetings Jonatan
Comment 1 Jonatan Schlag 2020-04-07 15:56:41 UTC
Hi, on the third of February 2020, the dhcpc daemon crashed, due to a segfault. This segfault seems to be caused by an invalid UDP Package that was sent from an IP address which does not belong to my ISP. Attached are logs of all events when the dhcpc daemon encountered an invalid UDP package. I substituted all internal IP addresses with corresponding strings. Greetings Jonatan
Comment 2 Jonatan Schlag 2020-04-07 15:59:50 UTC
Created attachment 741 [details] Logs of the Firewall, reduced to the interesting parts
Comment 3 Peter Müller 2020-04-07 18:45:46 UTC
Just some details regarding the mentioned IPs: 184.108.40.206 -> AS20940 (Akamai Technologies) -> Estimated location: Amsterdam, NL 220.127.116.11 -> AS15169 (Google LLC) -> Estimated location: ? (Somewhere in Central Europe) 18.104.22.168 -> AS31334 (Vodafone Kabel Deutschland GmbH) -> Estimated location: ?, DE 22.214.171.124 -> AS6057 (Administracion Nacional de Telecomunicaciones) -> Estimated location: ?, BO In my opinion, Vodafone/Kabel Deutschland has a major problem with the packet filters (if any) at their perimeters. Although I do not expect any answer, we should let them know about this as soon as this bug has been solved.
Comment 4 Peter Müller 2020-04-10 11:00:11 UTC
Trying to get a contact to the firewall folks at Kabel Deutschland...
Comment 5 Michael Tremer 2020-04-14 14:55:25 UTC
(In reply to Peter Müller from comment #4) > Trying to get a contact to the firewall folks at Kabel Deutschland... A customer can confirm that this is happening on Vodafone's network somewhere in Eastern Germany. Jonatan, could you please install c143, which has an updated version of dhcpcd as soon as you can?
Comment 6 Arne.F 2020-04-14 16:33:52 UTC
Please test core144 from unstable. This contains only dhcpcd 9.00 yet.
Comment 7 Jonatan Schlag 2020-04-20 06:49:22 UTC
Comment 8 Michael Tremer 2020-04-22 17:33:18 UTC
> https://blog.ipfire.org/post/ipfire-2-25-core-update-144-is-available-for-testing Can somebody confirm that this is fixed?
Comment 9 Andreas Zweili 2020-04-23 15:27:20 UTC
I'm installing update 144 now since I wrote this post: https://community.ipfire.org/t/connection-on-red-randomply-stops-working-maybe-after-dhcp-renewal/531 However I have no idea when I should report back that it works. It can work fine for two - three weeks and at other times happen every few days.
Comment 10 Peter Müller 2020-04-25 14:53:16 UTC