Date: Sat, 21 Apr 2018 18:34:26 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 227674] [ipfw] [ipv6] ICMPv6 echo replies incorrectly matched by kernel ipfw Message-ID: <bug-227674-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227674 Bug ID: 227674 Summary: [ipfw] [ipv6] ICMPv6 echo replies incorrectly matched by kernel ipfw Product: Base System Version: 11.1-STABLE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: eugen@freebsd.org CC: ae@FreeBSD.org, glebius@FreeBSD.org This is very similar to old PR https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D131817 fixed 6 years ag= o with https://svnweb.freebsd.org/base?view=3Drevision&revision=3D223753 Now ipfw rule "deny log ip from any to any out recv re0 xmit re0" incorrect= ly matches outgoing ICMPv6 echo replies sent by the system in response to inco= ming echo request. The reply should not have "recv" attribute and should not be matched. I suspect that as in older ARP problem, the code re-uses mbuf and forgets to nullify m->m_pkthdr.rcvif --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227674-227>