Bug 123350 - Peer is not allowed to use address [ip-address]
Peer is not allowed to use address [ip-address]
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: ppp (Show other bugs)
1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-17 10:17 EDT by Marco Tagliabue
Modified: 2008-08-02 19:40 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-25 16:09:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marco Tagliabue 2004-05-17 10:17:24 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6)
Gecko/20040113

Description of problem:
When configured as a ppp server pppd fails to accept a link from
another host giving this message in the log:
"Peer is not allowed to use address [ip-address]".

This seems to have no relation with the address itself.

The same does not happen on a RedHat 9.0 box with the same ppp
configuration.

I've tried to specify a cuple of addresses in options.ttyXXX file and
not specyfying any. Nothing changes. 

I'm using following options in pppd on the server side
-chap
+pap
login
debug
netmask 255.255.255.0
192.9.201.12:192.9.201.13

I've also tried a downgrade of ppp to ppp-2.4.1-10, which is the one
I'm using on RedHat 9.0 but it gives no benefit.


Version-Release number of selected component (if applicable):
ppp-2.4.1-15

How reproducible:
Always

Steps to Reproduce:
1.Just confiugure Fedora as a ppp server.
2.Try to connect from another host.
3.

Actual Results:  You should see that pppd on the server machine drops
the connection and gives a message in the log file saying:
"Peer is not allowed to use address [ip-address]".

Expected Results:  pppd should go on without messages and allow the
Peer to adopt the address.

Additional info:

In order to temporarily fix the problem I've modified the
auth_ip_addr() funcion in auth.c file.
I've just added "return 1" in order to have my address allowed.
Then I've recomplied and installed.
It works, but I'm not really understanding where the problem is coming
from.

/*
 * auth_ip_addr - check whether the peer is authorized to use
 * a given IP address.  Returns 1 if authorized, 0 otherwise.
 */
int
auth_ip_addr(unit, addr)
    int unit;
    u_int32_t addr;
{
    int ok;

    /* don't allow loopback or multicast address */
    if (bad_ip_adrs(addr))
	return 0;


    if (addresses[unit] != NULL) {
	ok = ip_addr_check(addr, addresses[unit]);
	if (ok >= 0)
	    return ok;
    }

    return 1;  /* THIS IS MY MODIFICATION*/

    if (auth_required)
	return 0;		/* no addresses authorized */
    return allow_any_ip || privileged || !have_route_to(addr);
}
Comment 1 Thomas Woerner 2004-06-17 09:29:49 EDT
Can you reproduce this problem with ppp-2.4.2-2 (fc2)?
Comment 2 John Thacker 2006-10-25 16:09:10 EDT
Closed per above message and lack of response.  Note that FC1 and FC2 are not even
supported by Fedora Legacy anymore.

Note You need to log in before you can comment on or make changes to this bug.