artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ec8a341) | patch
IGMP and ICMP6 MLD packets always have the router alert option set.
authorbluhm <bluhm@openbsd.org>
Fri, 29 Apr 2022 08:58:49 +0000 (08:58 +0000)
committerbluhm <bluhm@openbsd.org>
Fri, 29 Apr 2022 08:58:49 +0000 (08:58 +0000)
commit214dd8280ca1918f257af21db60567840cf3ab4f
tree9d5597fd99ad6d065e2465d725f4aa5b6fa171eetree | snapshot
parentec8a3410fbf86966d4e84ce53a01458ea2cd5c80commit | diff
IGMP and ICMP6 MLD packets always have the router alert option set.
pf blocked IPv4 options and IPv6 option header by default.  This
forced users to set allow-opts in pf rules.
Better let multicast work by default.  Detect router alerts by
parsing IP options and hop by hop headers.  If the packet has only
this option and is a multicast control packet, do not block it due
to bad options.
tested by otto@; OK sashan@
sys/net/pf.c diff | blob | history
sys/net/pfvar_priv.h diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim