SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0004342: Endian configured as a gateway redirects traffic through the default gateway even on the same network. - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0004342Endian FirewallNetwork related (VPN, uplinks)public2012-04-27 19:432012-11-14 18:03
Reportercemendes 
Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
StatusacknowledgedResolutionopen 
PlatformOSOS Version
Product Version2.5 
Target VersionFixed in Version 
Summary0004342: Endian configured as a gateway redirects traffic through the default gateway even on the same network.
DescriptionBox A - IP 192.168.10.10
MAC 00:24:d7:94:d3:38 (Windows Client)

Box B - IP 192.168.10.2
MAC 00:0c:29:0f:c8:56 (Endian 2.5.1)

Box C IP 192.168.10.1
MAC 00:50:56:22:ca:c0 (Default Gateway)

BOX B has only one interface and the virtual red interface is configured as a gateway pointing to BOX C.

When I ping BOX B from BOX A, BOX B issues a ICMP redirects and send my connection through the BOX C. The gateway(also a firewall) is tolerant with ICMP packets. However, it is not very kind with other packets in the same situation as when I try to access Endian web interface, the firewall blocks the connection. Since the gateway is also a firewall, it thinks someone is spoofing the network and blocks the packets. This behavior is not correct since both BOX A and B are on the same network and must not rely on BOX C (default gateway) to communicate to each other. This issue was introduced on 2.5.1(perhaps 2.5, I haven't test it). I cannot reproduce this problem with 2.4.1 which works perfectly. Enclosed, you can find a lan trace taken on BOX A.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0007847)
cemendes (reporter)
2012-04-27 19:56

I had to place the trace in a ftp website, since it was too big to attach here.

ftp.novell.com/outgoing/icmp2-trace.pcap
(0007978)
lorenzo-endian (manager)
2012-07-31 11:28

hi cemendes,

i would inform you that this bug has been resolved in the last enterprise packages... i hope we can release soon the fix for the community edition too..

one question, only because I am curious: do you use the community inside the Novell business network of just for personal testing? :)

thanks a lot for reporting the issue and for supporting us!

Lo
(0008307)
mtpcosta (reporter)
2012-11-14 16:30
edited on: 2012-11-14 16:36

Hi, I have the same problem.
Is there a way to solve?

Thanks,

(0008308)
cemendes (reporter)
2012-11-14 18:03

Thanks, Lorenzo. I work for Novell but, I use Endian at my home. :-)

- Issue History
Date Modified Username Field Change
2012-04-27 19:43 cemendes New Issue
2012-04-27 19:56 cemendes Note Added: 0007847
2012-05-18 12:41 daniele-endian Relationship added child of 0004360
2012-07-31 11:28 lorenzo-endian Note Added: 0007978
2012-07-31 11:28 lorenzo-endian Status new => acknowledged
2012-11-14 16:30 mtpcosta Note Added: 0008307
2012-11-14 16:36 mtpcosta Note Edited: 0008307 View Revisions
2012-11-14 18:03 cemendes Note Added: 0008308

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker