artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c6fb4e3) | patch
Block IPv6 packets in pf(4) that have hop-by-hop options header or
authorbluhm <bluhm@openbsd.org>
Wed, 31 May 2017 09:19:10 +0000 (09:19 +0000)
committerbluhm <bluhm@openbsd.org>
Wed, 31 May 2017 09:19:10 +0000 (09:19 +0000)
commitc50c83ac27b9e1d07521f7703030803d53c7c0ad
tree8a8cc0aed9f9d27f6fd4ce0f6dd10152dce97dcdtree | snapshot
parentc6fb4e3c5e9d4b5e696205c580386f8ea234fda1commit | diff
Block IPv6 packets in pf(4) that have hop-by-hop options header or
destination options header.  Such packets can be passed by adding
"allow-opts" to the rule.  So IPv6 options are handled like their
counterpart in IPv4 now.
tested by benno@; OK henning@
share/man/man5/pf.conf.5 diff | blob | history
sys/net/pf.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim