Univention Bugzilla – Full Text Bug Listing |
Summary: | Only binds to one random IP | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | UCS Net Installer | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, walkenhorst |
Version: | UCS 4.1 | Flags: | hahn:
Patch_Available+
|
Target Milestone: | UCS 4.1-0-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | IPv6, Usability | |
Max CVSS v3 score: | |||
Attachments: | Listen to INADDR_ANY |
r67128 | Bug #34061 net: Listen on all interfaces Package: univention-net-installer Version: 9.0.1-2.32.201602021402 Branch: ucs_4.1-0 Scope: errata4.1-0 r67129 | Bug #40559,Bug #39937,Bug #38821,Bug #33361,Bug #3406 net: YAML univention-net-installer.yaml OK: advisory OK: code change OK: manual tests: root@ni-m49:~# univention-install univention-net-installer-daemon Create security/packetfilter/package/univention-net-installer-daemon/tcp/49173/all Create security/packetfilter/package/univention-net-installer-daemon/tcp/49173/all/en root@ni-m49:~# lsof -Pni | grep $(pgrep -f univention-net-installer-daemon) univentio 14392 root 5u IPv4 398498 0t0 TCP *:49173 (LISTEN) univentio 14392 root 8u IPv4 398507 0t0 TCP 10.200.3.49:44464->10.200.3.49:7389 (ESTABLISHED) root@ni-m49:~# ip a | grep 'inet ' inet 127.0.0.1/8 scope host lo inet 10.200.3.49/24 brd 10.200.3.255 scope global eth0 inet 172.17.42.1/16 scope global docker0 root@ni-m49:~# telnet 127.0.0.1 49173 Connected to 127.0.0.1. root@ni-m49:~# telnet 10.200.3.49 49173 Connected to 10.200.3.49. root@ni-m49:~# telnet 172.17.42.1 49173 Connected to 172.17.42.1. dtroeder@sommar:~$ telnet 10.200.3.49 49173 Connected to 10.200.3.49. |
Created attachment 5777 [details] Listen to INADDR_ANY socket.gethostbyname(socket.gethostname()) returns only one (random) address of the host, which leads to univention-net-installer-daemon not being reachable for all addresses: vm# nc 184.1.3.1 49173 nc: can't connect to remot (host 184.1.3.1): connection refused repo# lsof -i :49173 -n COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME univentio 21372 root 6u IPv4 685772 0t0 TCP 192.168.0.135:49173 (LISTEN) repo# tcpdump -i XXXlan0 "tcp port 49173" 17:14:05.405463 IP XX-blade.XXX.de.57753 > xen12.phahn.dev.49173: Flags [S], seq 2622705207, win 14600, options [mss 1460,sackOK,TS val 150303 ecr 0,nop,wscale 7], length 0 17:14:05.405514 IP xen12.phahn.dev.49173 > XXX-blade.XXX.de.57753: Flags [R.], seq 0, ack 2622705208, win 0, length 0