[DragonFlyBSD - Submit #2780] (Closed) [PATCH] Optionally allow IPv6 ND packets from non-neighbours

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Sat Jan 31 11:06:54 PST 2015


Issue #2780 has been updated by dillon.

Status changed from New to Closed
% Done changed from 0 to 100

Ok, it defaults to off as is basically identical to what FreeBSD did so I've committed it.

-Matt

----------------------------------------
Submit #2780: [PATCH] Optionally allow IPv6 ND packets from non-neighbours
http://bugs.dragonflybsd.org/issues/2780#change-12573

* Author: gpr
* Status: Closed
* Priority: Normal
* Assignee: 
* Category: Networking
* Target version: 
----------------------------------------
IPv6 code discards ND packets from non-neighbours, which is believed to be correct, but breaks ND on some configurations (VULTR ipv6 for example). Hence the patch, it makes this behaviour optional (via sysctl). Default is old behaviour (discard those packets), accepting such ND packets can be insecure.
Useful links:
https://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
https://www.mail-archive.com/misc@openbsd.org/msg119029.html

Obtained-from: FreeBSD


---Files--------------------------------
rfc4861_no.patch (2.1 KB)


-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account



More information about the Submit mailing list