lwip-users

Re: [lwip-users] 1.2.0 etharp_ip_input change


From: Kieran Mansley
Subject: Re: [lwip-users] 1.2.0 etharp_ip_input change
Date: Wed, 03 Jan 2007 08:43:04 +0000

On Tue, 2007-01-02 at 17:50 +0000, Jonathan Larmour wrote:
> I was wondering about the following change in 1.2.0. Isn't updating the ARP 
> table from incoming IP packets a good thing and normal practice? Otherwise 
> for something which isn't already in the ARP cache (especially a new TCP 
> connection, or UDP from a novel host) won't the lwip stack need to send an 
> ARP request for any response?

There is a moderate spoofing problem with that approach, as you
essentially take it as given that the person who sent you the packet
isn't lying about their MAC address.  By always checking it (by sending
a broadcast ARP request) you give yourself at least a little protection
from such things.  Whether the efficiency of avoiding the ARP outweighs
the paranoia of always checking is perhaps up to the local network
manager, and we should perhaps consider it as a compile time option.

Kieran
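
The trade-off described in this reply, as an added example that is not part of the original message and is not lwIP code: a small ARP cache model with a hypothetical `trust_ip_mac` switch. The addresses are constructed, and the model assumes the genuine owner of the IP address is the one who answers the broadcast ARP request.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TABLE_SIZE 4
/* trust_ip_mac is a hypothetical policy switch (not an lwIP option name):
 * 1 = learn IP->MAC from any incoming IP frame, 0 = learn from ARP only. */
struct arp_entry { uint32_t ip; uint8_t mac[6]; int valid; };
struct arp_cache { struct arp_entry e[TABLE_SIZE]; int trust_ip_mac; int requests; };

static struct arp_entry *find(struct arp_cache *c, uint32_t ip) {
    for (int i = 0; i < TABLE_SIZE; i++)
        if (c->e[i].valid && c->e[i].ip == ip) return &c->e[i];
    return NULL;
}
static void update(struct arp_cache *c, uint32_t ip, const uint8_t *mac) {
    struct arp_entry *e = find(c, ip);
    for (int i = 0; !e && i < TABLE_SIZE; i++)
        if (!c->e[i].valid) e = &c->e[i];
    if (!e) e = &c->e[0];            /* table full: recycle slot 0 (simplified) */
    e->ip = ip; memcpy(e->mac, mac, 6); e->valid = 1;
}
/* Every received IP frame: source MAC is whatever the sender wrote in the header. */
void on_ip_input(struct arp_cache *c, uint32_t ip, const uint8_t *mac) {
    if (c->trust_ip_mac) update(c, ip, mac);
}
void on_arp_reply(struct arp_cache *c, uint32_t ip, const uint8_t *mac) { update(c, ip, mac); }
/* Returns 1 if cached; otherwise counts one broadcast ARP request and returns 0. */
int resolve(struct arp_cache *c, uint32_t ip, uint8_t *out) {
    struct arp_entry *e = find(c, ip);
    if (e) { memcpy(out, e->mac, 6); return 1; }
    c->requests++;
    return 0;
}
/* A frame claims `ip` with a MAC that is not the owner's; we then send a response.
 * Returns 1 if the response is addressed to the real owner's MAC. */
int scenario(int trust_ip_mac, int *requests) {
    static const uint8_t claimed[6] = {0x02, 0, 0, 0, 0, 0xAA};  /* constructed */
    static const uint8_t real[6]    = {0x02, 0, 0, 0, 0, 0x01};  /* constructed */
    struct arp_cache c; uint8_t dst[6] = {0}; uint32_t ip = 0xC0A8000A; /* 192.168.0.10 */
    memset(&c, 0, sizeof c); c.trust_ip_mac = trust_ip_mac;
    on_ip_input(&c, ip, claimed);
    if (!resolve(&c, ip, dst)) { on_arp_reply(&c, ip, real); resolve(&c, ip, dst); }
    *requests = c.requests;
    return memcmp(dst, real, 6) == 0;
}
int main(void) {
    for (int t = 1; t >= 0; t--) { int r, ok = scenario(t, &r);
        printf("trust_ip_mac=%d to_real_owner=%d arp_requests=%d\n", t, ok, r); }
    return 0;
}
```

With the switch on, the response goes to the claimed MAC with no ARP traffic; with it off, one broadcast request is sent and the response goes to the MAC from the ARP reply.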




