search

meebey / force_bind

Experimental library to force socket bind syscalls to use a specific IP address. Use at your own risk!
GNU General Public License v3.0
28 stars 10 forks source link

force_bind doesn't work with UDP #1

Open N-Mi opened 11 years ago

N-Mi commented 11 years ago

Hi,

I don't know if you still maintain this code, but in doubt I fill this issue here.

I just compiled and installed force_bind from latest git, and could successfully use telnet and ping (after setuid the .so file).

I then tried to do some snmpget/snmpwalk on an equipment, and this doesn't work, while telnet and ping use the bind address configured in force_bind variables.

I checked with tcpdump and can observe that outgoing traffic for snmp requests are sourced with default interface IP, instead of the one declared in FORCE_BIND_ADDRESS_V4.

Here is the content of log file using verbose level 999 :

Init started...
Version: 0.11
Force bind to IPv4 address "172.21.17.38".
Init ended.
close(fd=3)
del(fd=3)
list...
socket(domain=IPv4, type=dgram, protocol=0)
socket_create_callback(3, IPv4, dgram)
add(fd=3, ...)
list...
    fd=   3 type=dgram flags=0001 limit=0 rest=0 last=0.000000 dest=0/?/?
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
alter_sa(sockfd=3, ...)
bw(sockfd=3, bytes=45)
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
bw(sockfd=3, bytes=45)
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
bw(sockfd=3, bytes=45)
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
bw(sockfd=3, bytes=45)
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
bw(sockfd=3, bytes=45)
sendmsg(sockfd=3, ..., flags=0x4040)
change_local_binding(sockfd=3)
bw(sockfd=3, bytes=45)
close(fd=3)
del(fd=3)
list...

We can see in this trace that force_bind is loaded, and tries to bind on given address, but traffic is actually sent with another address.

I had the same behaviour trying to perform a DNS request using nslookup, so I believe the problem is with UDP in general.

Regard,

N-Mi.

meebey commented 11 years ago

I am using this code, thus I maintain it as needed. I never tried UDP yet... Not sure if it deals with UDP at all yet . Disclaimer: I am not the author of the library. I only applied some fixes I needed. When I have some spare time I will look into this issue. nslookup/host should be a good way to see if it works or not, like you did.