Bug#368269: quagga: ripd does not update routing table with propagated routes
Christian Hammers schreef: severity 368269 normal tags 368269 + moreinfo thanks Hello On 2006-05-21 F.A.G. Luteijn wrote: After upgrading to 0.98.3-7.2 all propagated routes are not imported into the routingtable. I downgraded to 0.98.3-7 and I have got the routes of my firewall back. After upgrading again I have lost those routes again. Routes are propagated correctly, but not picked up. Have you rebooted the system after upgrading? Just to be sure.. No, I didn't. But that should not make any difference. I only reboot a computer when I change the kernel. But I had a power failure last week, so everything has been booted up cleanly. And that didn't change anything. Do you use RIP authentication? No, I don't. I do not use any authentication. I have attached my conf-files and as you can see, they are quite straightforward. Maybe you're affected by a config / behaviour change due to the security update. Please take a look at the Release Notes or in http://bugzilla.quagga.net/show_bug.cgi?id=262 At least there were no further problem reports on Quagga+RIP after the security update. As I understand, you have changed the defaults for authentication. I hardly believe, that changing those defaults solve any of the security issues that were solved here. I even think it is a breach of the policy for security-updates. (See also Securing Debian Manual, 12.3.4: http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.3.4) bye, -christian- I hope, I have answered your questions, Yours sincerely, -- Frans Luteijn PGP PblKey fprnt=C4 87 CE AF BC B6 98 C1 EF 42 A1 9A E2 C0 42 5B GPG PblKey fprnt=ED20 0F25 C233 DC59 3FFA 170E D0BF 15F5 0BA6 1355 ! -*- rip -*- ! ! RIPd sample configuration file ! ! $Id: ripd.conf.sample,v 1.11 1999/02/19 17:28:42 developer Exp $ ! hostname ripd password 8 cbxcypPiMhZdk enable password 8 7i2T7CpNFqGLc service password-encryption ! ! debug rip events ! debug rip packet ! router rip # default-information originate network 172.19.0.0/16 network 192.168.1.0/24 network 192.168.2.0/24 network 192.168.3.0/24 redistribute connected ! network 11.0.0.0/8 ! network eth0 ! route 10.0.0.0/8 ! distribute-list private-only in eth0 ! !access-list private-only permit 10.0.0.0/8 !access-list private-only deny any access-list local permit 127.0.0.0/8 access-list local permit 192.168.2.0/24 access-list local deny any ! line vty access-class local ! !log stdout ! log file /var/log/quagga/ripd.log ! -*- rip -*- ! ! RIPd sample configuration file ! ! $Id: ripd.conf.sample,v 1.11 1999/02/19 17:28:42 developer Exp $ ! hostname ripd ! password zebra ! ! debug rip events ! debug rip packet ! router rip network 192.168.2.0/24 ! network 11.0.0.0/8 ! network eth0 ! route 10.0.0.0/8 ! distribute-list private-only in eth0 ! !access-list private-only permit 10.0.0.0/8 !access-list private-only deny any access-list local permit 127.0.0.0/8 ! line vty access-class local ! !log stdout ! log file /var/log/quagga/ripd.log
Bug#368269: quagga: ripd does not update routing table with propagated routes
Hello On 2006-06-03 Frans Luteijn wrote: On 2006-05-21 F.A.G. Luteijn wrote: After upgrading to 0.98.3-7.2 all propagated routes are not imported into the routingtable. I downgraded to 0.98.3-7 and I have got the routes of my firewall back. After upgrading again I have lost those routes again. Routes are propagated correctly, but not picked up. Do you use RIP authentication? No, I don't. I do not use any authentication. I have attached my conf-files and as you can see, they are quite straightforward. Hm, then I have no clue and you can try getting help from the Quagga mailing list at www.quagga.net Maybe you're affected by a config / behaviour change due to the security update. Please take a look at the Release Notes or in http://bugzilla.quagga.net/show_bug.cgi?id=262 As I understand, you have changed the defaults for authentication. I hardly believe, that changing those defaults solve any of the security issues that were solved here. The patch is supposed to be as backwards compatible as it could get but one never knows... bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#368269: quagga: ripd does not update routing table with propagated routes
severity 368269 normal tags 368269 + moreinfo thanks Hello On 2006-05-21 F.A.G. Luteijn wrote: After upgrading to 0.98.3-7.2 all propagated routes are not imported into the routingtable. I downgraded to 0.98.3-7 and I have got the routes of my firewall back. After upgrading again I have lost those routes again. Routes are propagated correctly, but not picked up. Have you rebooted the system after upgrading? Just to be sure.. Do you use RIP authentication? Maybe you're affected by a config / behaviour change due to the security update. Please take a look at the Release Notes or in http://bugzilla.quagga.net/show_bug.cgi?id=262 At least there were no further problem reports on Quagga+RIP after the security update. bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#368269: quagga: ripd does not update routing table with propagated routes
Package: quagga Version: 0.98.3-7.2 Severity: grave Justification: renders package unusable After upgrading to 0.98.3-7.2 all propagated routes are not imported into the routingtable. I downgraded to 0.98.3-7 and I have got the routes of my firewall back. After upgrading again I have lost those routes again. Routes are propagated correctly, but not picked up. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages quagga depends on: ii iproute 20041019-3 Professional tools to control the ii libc6 2.3.2.ds1-22sarge3 GNU C Library: Shared libraries an ii libcap1 1:1.10-14 support for getting/setting POSIX. ii libncurses5 5.4-4 Shared libraries for terminal hand ii libpam0g 0.76-22Pluggable Authentication Modules l ii libreadline4 4.3-11 GNU readline and history libraries ii logrotate 3.7-5 Log rotation utility -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]