IPv4 routing table is missing entries for additional addresses on the loopback interface #4201

jvgutierrez · 2023-12-04T09:36:02Z

Brief description

Scapy IPv4 routing table is missing additional addresses configured on the lo interface.

Scapy version

2.5.0

Python version

3.11.2

Operating system

Debian bookworm 12.2 running kernel 6.1.52-1

Additional environment information

No response

How to reproduce

Given the following IPv4 and IPv6 addresses assigned to lo:

vgutierrez@ncredir4001:~$ ip addr show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 198.35.26.98/32 scope global lo:LVS
       valid_lft forever preferred_lft forever
    inet6 2620:0:863:ed1a::3/128 scope global 
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever

scapy provides an IPv6 routing table that includes 2620:0:863:ed1a::3/128:

>>> conf.route6
Destination                     Next Hop  Iface   Src candidates              Metric
2620:0:863:101::/64             ::        ens13   2620:0:863:101:10:128:0:32  256   
fe80::/64                       ::        ens13   fe80::a800:ff:fe39:c6fc     256   
fe80::/64                       ::        ipip60  fe80::cbd:4aff:fe6b:a7c5    256   
::1/128                         ::        lo      ::1                         0     
2620:0:863:101:10:128:0:32/128  ::        ens13   2620:0:863:101:10:128:0:32  0     
2620:0:863:ed1a::3/128          ::        lo      ::1                         0     
fe80::cbd:4aff:fe6b:a7c5/128    ::        ipip60  fe80::cbd:4aff:fe6b:a7c5    0     
fe80::a800:ff:fe39:c6fc/128     ::        ens13   fe80::a800:ff:fe39:c6fc     0     
::/0                            fe80::1   ens13   2620:0:863:101:10:128:0:32  1024

But the IPv4 route table is missing 198.35.26.98/32:

>>> conf.route
Network     Netmask        Gateway     Iface  Output IP    Metric
0.0.0.0     0.0.0.0        10.128.0.1  ens13  10.128.0.32  0     
10.128.0.0  255.255.255.0  0.0.0.0     ens13  10.128.0.32  0     
127.0.0.0   255.0.0.0      0.0.0.0     lo     127.0.0.1    1

In fact, if we compare scapy IPv4 route table against the kernel local routing table, quite some entries seem to be missing:

$ ip route show table local
local 10.128.0.32 dev ens13 proto kernel scope host src 10.128.0.32 
broadcast 10.128.0.255 dev ens13 proto kernel scope link src 10.128.0.32 
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 
local 127.0.0.42 dev ipip0 proto kernel scope host src 127.0.0.42 
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 
local 198.35.26.98 dev lo proto kernel scope host src 198.35.26.98

Actual result

No response

Expected result

No response

Related resources

No response

The text was updated successfully, but these errors were encountered:

This rewrites much of the arch/linux code, in order to use a RTNETLINK socket instead of reading /proc/net/XXX. Among those: - the read_routes(6) functions - the linux interfaces provider - arch/linux util functions This adds support for multiple IPv4 addresses to interfaces, among with a generally much better handling of routes. fixes secdev#4201

gpotter2 · 2024-04-20T17:57:17Z

This should be fixed in #4352. Feel free to try it out

This rewrites much of the arch/linux code, in order to use a RTNETLINK socket instead of reading /proc/net/XXX. Among those: - the read_routes(6) functions - the linux interfaces provider - arch/linux util functions This adds support for multiple IPv4 addresses to interfaces, among with a generally much better handling of routes. fixes secdev#4201

* Rewrite arch/linux: interfaces/routes loading This rewrites much of the arch/linux code, in order to use a RTNETLINK socket instead of reading /proc/net/XXX. Among those: - the read_routes(6) functions - the linux interfaces provider - arch/linux util functions This adds support for multiple IPv4 addresses to interfaces, among with a generally much better handling of routes. fixes #4201 * Apply guedou suggestions * Restrain routes to RT_TABLE_LOCAL and RT_TABLE_MAIN

gpotter2 added the bug label Jan 19, 2024

gpotter2 added this to the 2.6.0 milestone Jan 30, 2024

gpotter2 mentioned this issue Apr 14, 2024

Rewrite arch/linux #4352

Merged

gpotter2 closed this as completed in #4352 Apr 28, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

IPv4 routing table is missing entries for additional addresses on the loopback interface #4201

IPv4 routing table is missing entries for additional addresses on the loopback interface #4201

jvgutierrez commented Dec 4, 2023

gpotter2 commented Apr 20, 2024

IPv4 routing table is missing entries for additional addresses on the loopback interface #4201

IPv4 routing table is missing entries for additional addresses on the loopback interface #4201

Comments

jvgutierrez commented Dec 4, 2023

Brief description

Scapy version

Python version

Operating system

Additional environment information

How to reproduce

Actual result

Expected result

Related resources

gpotter2 commented Apr 20, 2024