[DragonFlyBSD - Submit #2780] (Closed) [PATCH] Optionally allow IPv6 ND packets from non-neighbours
bugtracker-admin at leaf.dragonflybsd.org
bugtracker-admin at leaf.dragonflybsd.org
Sat Jan 31 11:06:54 PST 2015
Issue #2780 has been updated by dillon.
Status changed from New to Closed
% Done changed from 0 to 100
Ok, it defaults to off as is basically identical to what FreeBSD did so I've committed it.
-Matt
----------------------------------------
Submit #2780: [PATCH] Optionally allow IPv6 ND packets from non-neighbours
http://bugs.dragonflybsd.org/issues/2780#change-12573
* Author: gpr
* Status: Closed
* Priority: Normal
* Assignee:
* Category: Networking
* Target version:
----------------------------------------
IPv6 code discards ND packets from non-neighbours, which is believed to be correct, but breaks ND on some configurations (VULTR ipv6 for example). Hence the patch, it makes this behaviour optional (via sysctl). Default is old behaviour (discard those packets), accepting such ND packets can be insecure.
Useful links:
https://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
https://www.mail-archive.com/misc@openbsd.org/msg119029.html
Obtained-from: FreeBSD
---Files--------------------------------
rfc4861_no.patch (2.1 KB)
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account
More information about the Submit
mailing list