Date: Tue, 14 Jun 2011 16:44:54 +0200 From: crest <crest@informatik.uni-bremen.de> To: freebsd-ipfw@freebsd.org Subject: Re: kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets Message-ID: <B4003759-75D3-4663-87E0-FD9374227D60@informatik.uni-bremen.de> In-Reply-To: <CB5F654C-227D-43C0-8A13-F57C19A1861C@informatik.uni-bremen.de> References: <201106041300.p54D0Oji030792@freefall.freebsd.org> <CB5F654C-227D-43C0-8A13-F57C19A1861C@informatik.uni-bremen.de>
index | next in thread | previous in thread | raw e-mail
On 06.06.2011, at 19:30, crest wrote: > > On 04.06.2011, at 15:00, Manuel Kasper wrote: > >> The following reply was made to PR kern/157239; it has been noted by GNATS. >> >> Also, I believe I've found the cause: ipfw/dummynet code uses = >> SET_HOST_IPLEN on IPv6 packets in two instances, thus inadvertently = >> swapping the next header and hop limit fields in the IPv6 header, = >> causing the "Unknown Extension Header" warnings and dropped packets (or = >> bad packets appearing on the wire if = >> net.inet6.ip6.fw.deny_unknown_exthdrs=3D0). >> >> A patch against 8.2-RELEASE that fixes this issue for me is attached - = >> Jan, could you please verify if this fixes the issue for you too? > > I tested the patch and it solved the problem for a simple test setup. I'll test it in a more complex setup this evening/ night (TZ=CEST). I tried the patch on 3 Boxes (2 x amd64, 1 x i386). The patch solves the reported problem. I detected no regression.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B4003759-75D3-4663-87E0-FD9374227D60>