Subject: bin/15460: ICMPv6 type in ipfilter (src/dist/ipf/parse.c rev. 1.8)
To: None <gnats-bugs@gnats.netbsd.org>
From: None <naoki@fukaumi.org>
List: netbsd-bugs
Date: 02/02/2002 16:37:21
>Number: 15460
>Category: bin
>Synopsis: ICMPv6 type in ipfilter (src/dist/ipf/parse.c rev. 1.8)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Feb 01 23:38:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 1.5ZA
>Organization:
FUKAUMI Naoki
>Environment:
>Description:
I found recent changes in src/dist/ipf/parse.c. (rev. 1.8)
cvs log shows ipfstat will print ICMPv6 type in ipf rule.
from cvs log parse.c
> after this fix:
> 0 pass in quick proto ipv6-icmp from any to any icmp-type 8
Is icmp type 8 correct? If it means ICMP ECHO REQUEST, it should
be type 128.
from src/sys/netinet/icmp6.h
> #define ICMP6_ECHO_REQUEST 128 /* echo service */
>How-To-Repeat:
I didn't test it. If I'm wrong, sorry ;)
>Fix:
See src/sys/netinet/{fil.c, ip_fil.c}. icmptoicmp6types and
icmptoicmp6unreach are available.
I don't know these conversion table and framework matches the
Internet standards. (RFC, etc...)
>Release-Note:
>Audit-Trail:
>Unformatted: