[DragonFlyBSD - Submit #3085] (New) [PATCH] pf(4): Bring some IPv6-related fixes from OpenBSD
bugtracker-admin at leaf.dragonflybsd.org
bugtracker-admin at leaf.dragonflybsd.org
Fri Oct 20 23:38:10 PDT 2017
Issue #3085 has been reported by liweitianux.
----------------------------------------
Submit #3085: [PATCH] pf(4): Bring some IPv6-related fixes from OpenBSD
http://bugs.dragonflybsd.org/issues/3085
* Author: liweitianux
* Status: New
* Priority: Normal
* Assignee:
* Category: PF
* Target version:
----------------------------------------
Hello,
The attached patch contains the following 3 commits that I brought from OpenBSD:
1. pf: use IN6_IS_SCOPE_EMBED to check kernel-internal form addresses
2. pf: Always skip "urpf-failed" test for IPv6 link local addresses
3. pf: Make pf_print_host() print IPv6 addresses correctly
The second commit fixes the "uprf-failed" issue on IPv6 that I shared on the mailing list some time ago [1]. With this fix, the "urpf-failed" rule can just be enabled on both IPv4 and IPv6.
Credit to Marcin Wisnicki, who pointed out the problem and gave fixes to it [2].
[1] http://lists.dragonflybsd.org/pipermail/users/2017-August/313577.html
[2] https://lists.freebsd.org/pipermail/freebsd-pf/2010-July/005724.html
Cheers,
Aly
---Files--------------------------------
pf-inet6.patch (3.73 KB)
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account
More information about the Submit
mailing list