Bug 51792 – Implement Unicast Feature for WoL Magic Packets

Bug 51792 - Implement Unicast Feature for WoL Magic Packets


Summary:	Implement Unicast Feature for WoL Magic Packets

Status:	NEW

Product:	UCS@school
Classification:	Unclassified
Component:	General
Version:	unspecified
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UCS@school maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2020-08-10 08:39 CEST by Christian Völker
Modified:	2020-08-11 11:19 CEST (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	Feature Request
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2020080721000637
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Christian Völker

2020-08-10 08:39:14 CEST

With Bug#51074 we implemented the feature of "Subnet Directed Broadcasts" which will send the magic packet to the broadcast address of the target IP network.

Due to security reasons customers have limited such network broadcasts coming in from other networks.

Request now is to add an UCRV containing the IP address of a device in the target network usually the router) which will convert the unicast packet to a local broadcast packet. You will need static ARP entries in the router/ firewall.

AFAIK uib does it in a similar way with opsi.

Comment 1 Daniel Tröder

2020-08-10 08:54:39 CEST

Can't the customer just add a rule to its packet filter allowing broadcast packages from the IP address of the school server?

Comment 2 Christian Völker

2020-08-10 09:09:04 CEST

Technically, this could be done, indeed. 

But "due to security reasons customers have limited such network broadcasts".

IT is not for technical reasons.

Comment 4 Michael Holz 2020-08-11 11:19:07 CEST

This feature request was originally filed by me. The issue is not that we, as a customer, have disabled directed broadcasts inside our network. It's our firewalls that do not have this feature. We are using pfSense in our network and the underlying FreeBSD has simply disabled the flag to enable allow directed broadcasts due to security reasons.