netbsd-bugs: bin/1316: excessive mrouted syslogs on duplex promisc ifaces

Subject: bin/1316: excessive mrouted syslogs on duplex promisc ifaces
To: None <gnats-bugs@gnats.netbsd.org>
From: John Hawkinson <jhawk@MIT.EDU>
List: netbsd-bugs
Date: 08/05/1995 23:29:10
>Number:         1316
>Category:       bin
>Synopsis:       excessive mrouted syslogs on duplex promisc ifaces
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Aug  6 16:35:02 1995
>Last-Modified:
>Originator:     John Hawkinson
>Organization:
MIT SIPB
>Release:        -current
>Environment:
System: NetBSD lola-granola 1.0A NetBSD 1.0A (LOLA) #70: Wed Aug 2 04:25:36 EDT 1995 jhawk@lola-granola:/afs/sipb.mit.edu/project/netbsd/dev/current-source/build/i386_nbsd1/sys/arch/i386/compile/LOLA i386

multicast release 3.5

>Description:

	On a machine with a mrouted as the querier on a duplex
	interface (for instance, fe0, fujitsu ethernet under NetBSD/i386),
	if that interface happens to be in promiscuous mode (running
	tcpdump, or...), multicasts sent by mrouted will be heard by
	mrouted, even though IP_MULTICAST_LOOP is disabled. I don't think
	it's reasonable to expect the kernel to deal with this problem,
	so mrouted needs to be able to handle this (this is analagous to
	the problem of writing bpf filters that normally operate in
	non-promiscuous mode, but should still work right if the interface
	suddenly becomes promiscuous).

	Anyway, the current state of affairs causes lots of:

Aug  5 18:00:04 lola-granola mrouted[2912]: warning - received DVMRP message from 'the unknown host' or self: 18.70.0.26
Aug  5 18:00:37 lola-granola last message repeated 15 times
Aug  5 18:02:38 lola-granola last message repeated 70 times
Aug  5 18:12:40 lola-granola last message repeated 335 times
Aug  5 18:22:43 lola-granola last message repeated 325 times

	Incidently, mrouted does not have any $NetBSD$ tags. I don't know
	what our policy is for "outside sources" like mrouted.

>How-To-Repeat:

	See above.

>Fix:

	mrouted shouldn't syslog if it gets IGMP from itelf (it should
	drop silently), but should continue to syslog if it gets IGMP
	from ``the unknown host''. The following patch applies cleanly
	to both the NetBSD mrouted (3.5) and mrouted 3.6.

*** vif.c	1995/08/06 03:03:50	1.1
--- vif.c	1995/08/06 03:17:03	1.2
***************
*** 887,909 ****
      nflags = (level >> 16) & 0xff;
  
      /*
!      * Confirm that 'addr' is a valid neighbor address on vif 'vifi'.
!      * IT IS ASSUMED that this was preceded by a call to find_vif(), which
       * checks that 'addr' is either a valid remote tunnel endpoint or a
       * non-broadcast address belonging to a directly-connected subnet.
       * Therefore, here we check only that 'addr' is not our own address
!      * (due to an impostor or erroneous loopback) or an address of the form
!      * {subnet,0} ("the unknown host").  These checks are not performed in
!      * find_vif() because those types of address are acceptable for some
!      * types of IGMP message (such as group membership reports).
!      */
!     if (!(v->uv_flags & VIFF_TUNNEL) &&
! 	(addr == v->uv_lcl_addr ||
! 	 addr == v->uv_subnet )) {
  	log(LOG_WARNING, 0,
! 	    "received DVMRP message from 'the unknown host' or self: %s",
  	    inet_fmt(addr, s1));
  	return (FALSE);
      }
  
      /*
--- 887,912 ----
      nflags = (level >> 16) & 0xff;
  
      /*
!      * Confirm that 'addr' is a valid neighbor address on vif 'vifi'.  IT
!      * IS ASSUMED that this was preceded by a call to find_vif(), which
       * checks that 'addr' is either a valid remote tunnel endpoint or a
       * non-broadcast address belonging to a directly-connected subnet.
       * Therefore, here we check only that 'addr' is not our own address
!      * (due to an impostor or erroneous loopback, or a promiscuous
!      * interface) or an address of the form {subnet,0} ("the unknown
!      * host").  These checks are not performed in find_vif() because
!      * those types of address are acceptable for some types of IGMP
!      * message (such as group membership reports).
!      */
!     if (!(v->uv_flags & VIFF_TUNNEL)) {
!       if (addr == v->uv_lcl_addr)
! 	return (FALSE);	/* We don't want to be awfully verbose */
!       if (addr == v->uv_subnet) {
  	log(LOG_WARNING, 0,
! 	    "received DVMRP message from 'the unknown host': %s",
  	    inet_fmt(addr, s1));
  	return (FALSE);
+       }
      }
  
      /*
>Audit-Trail:
>Unformatted: