[4258] in bugtraq
Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt
daemon@ATHENA.MIT.EDU (Miquel van Smoorenburg)
Sat Apr 12 14:17:50 1997
Date: Sat, 12 Apr 1997 12:04:51 +0200
Reply-To: Miquel van Smoorenburg <miquels@CISTRON.NL>
From: Miquel van Smoorenburg <miquels@CISTRON.NL>
To: BUGTRAQ@NETSPACE.ORG
In article <Pine.LNX.3.96.970411235054.377A-100000@litterbox.org>,
Sean B. Hamor <hamors@LITTERBOX.ORG> wrote:
> A problem exists in IP Masquerade under Linux which allows traffic to be
> passed to external networks even after the gateway host has been halted.
> As long as a connection has been established from an internal machine via
> the IP Masquerade gateway to an external host and the Ethernet interfaces
> inside the machine are still being supplied power, that connection will
> stay online in a fully interactive state.

That might be true - the kernel as such keeps running if it is halted,
since a halt in Linux only means "kill all processes and then run an
idle loop". I don't believe the kernel keeps running during a warm reboot,
sorry...

Anyway, the latest halt and reboot of sysvinit (2.70) have a command line
switch "-i", which finds and shuts down all network interfaces. If you
get that one, and add a "-i" option to all calls to halt and reboot in
your init scripts, you're safe.

It might be better to fix this in the kernel..

Mike.
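
One way to check init scripts for the change described in the message above, as an added example that is not part of the original post or of sysvinit. The function name `audit_halt_calls` and the directory argument are assumptions; pass whatever directory holds your system's init scripts.

```shell
#!/bin/sh
# Added example, not from the original post: report halt/reboot calls in init
# scripts that lack the "-i" switch. The scan is a heuristic on shell text.

# audit_halt_calls DIR
#   DIR is the init-script directory (an assumption; pass your system's own).
#   Prints "file:line: text" for each call without -i; returns non-zero if any.
audit_halt_calls() {
    find "$1" -type f -exec awk '
        # True when token t can directly precede a command word.
        function starts_cmd(t) {
            return t == "" || t == ";" || t == "&&" || t == "||" || t == "|" ||
                   t == "then" || t == "do" || t == "else" || t == "exec"
        }
        /^[ \t]*#/ { next }                      # ignore comment lines
        {
            for (i = 1; i <= NF; i++) {
                cmd = $i
                sub(/^.*\//, "", cmd)            # /sbin/halt -> halt
                if (cmd != "halt" && cmd != "reboot") continue
                if (!starts_cmd(i > 1 ? $(i - 1) : "")) continue
                has_i = 0
                for (j = i + 1; j <= NF; j++) {
                    if ($j == ";" || $j == "&&" || $j == "||" || $j == "|") break
                    # "-i" alone or inside a cluster such as "-dfi"
                    if ($j ~ /^-[A-Za-z]*i[A-Za-z]*$/) has_i = 1
                }
                if (!has_i) {
                    printf "%s:%d: %s\n", FILENAME, FNR, $0
                    bad = 1
                }
                i = j                            # resume after this command
            }
        }
        END { exit bad + 0 }
    ' {} +
}
```

Calls built from variables or spread over continuation lines are not resolved, so treat a clean result as a first pass and read the shutdown scripts themselves as well.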