[FS#612] WAN to LAN leakage on MT7620 devices
LEDE Bugs
lede-bugs at lists.infradead.org
Fri Mar 10 10:48:29 PST 2017
The following task has a new comment added:
FS#612 - WAN to LAN leakage on MT7620 devices
User who did this - Kristian Evensen (kristrev)
----------
I did some more testing. I compiled a new bootloader with WAN/LAN partitioning available and then two firmware images, one with my crude fix and another without the fix. For both images, I also instrumented the kernel to write a debug message when mt7530_apply_config() is called. When booting the router, I ran arping querying for the IP of the upstream router.
Without my fix, I see roughly ten ARP replies. The time of the first replies matches the first time apply_config() is called, while the number of replies matches pretty well with the time it takes from when apply_config() is first called until the actual switch config is set (i.e., my network config).
With my fix (and WAN/LAN partitioning) I saw no ARP replies from the upstream router across ~50 reboots of the router. I also tried to replicate the partitioning steps of the bootloader in the mt7620 switch driver, but I saw some leakage during some boots.
If anyone is interested in looking at my mt7620 configuration code, please let me know and I will share it here. I suspect this issue can be fixed without flashing the bootloader, just by setting up the switch correctly.
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=612#comment2140