DataSoft / Honeyd

virtual honeypots
GNU General Public License v2.0

Cannot connect to honeyd from same machine #18

Closed DataSoft closed 11 years ago

DataSoft commented 12 years ago

If you try running honeyd on a network, packets going to any of the VMs are lost if they're sent from the host computer. The effect is that the host that is running honeyd is unable to contact any of the VMs created.

DataSoft commented 12 years ago

This actually appears intentional. Not sure as to why, though. Look at the following snippets:

In honeyd_recv_cb() of honeyd.c

    /* Ignore our own packets */
    addr_pack(&eth_sha, ADDR_TYPE_ETH, ETH_ADDR_BITS,
        &eth->eth_src, ETH_ADDR_LEN);
    if ((req = arp_find(&eth_sha)) != NULL &&
        (req->flags & ARP_INTERNAL))
        return;

And then a few lines later:

    /* Check our own address */
    addr_pack(&addr, ADDR_TYPE_IP, IP_ADDR_BITS, &ip->ip_dst, IP_ADDR_LEN);
    if (addr_cmp(&addr, &inter->if_ent.intf_addr) == 0) {
        /* Only accept packets for own address if they are GRE */
        if (!router_used || ip->ip_p != IP_PROTO_GRE)
            return;
    }

DataSoft commented 12 years ago

And no, merely commenting these lines out doesn't solve the issue.

dscott3 commented 12 years ago

If honeyd is ignoring them like that but it still doesn't work, my guess is the problem lies in replying to the packets, and ignoring them just saves cycles.

PherricOxide commented 11 years ago

This isn't really a bug, it's intended behavior of Honeyd. Closing.