Discussion:
ipf return-icmp on link local addresses
(too old to reply)
Edgar Fuß
2017-07-20 15:37:57 UTC
Permalink
Does anyone use ipf with link local addresses?

ipf's return-icmp doesn't work when the packet matched by the rule is directed at a link local address. The problem is that ipf_send_icmp_err() calls ipf_ifpaddr() to find an address of the interface in question, but that routine discards link local addresses.
I guess the best fix is to simply use the destination address instead if it is link local, i.e. treat the rule as if return-icmp-as-dest was given in this case.
Edgar Fuß
2017-07-20 15:46:22 UTC
Permalink
One more ipf thing: Even if using a gateway route, ipf_fastroute6() calls
nd6_output()/ip6_if_output() with ifp == origifp. Is that correct?

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Edgar Fuß
2017-08-07 14:42:24 UTC
Permalink
I've filed kern/52471 for this one.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Edgar Fuß
2017-08-07 14:41:02 UTC
Permalink
I've filed kern/52470 for this.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...