>Number:         17974
>Category:       kern
>Synopsis:       outgoing icmp6 is not logged correctly by ipf
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Aug 17 13:28:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Michael van Elst
>Release:        NetBSD 1.6_RC1
>Organization:
-dis
>Environment:
System: NetBSD pepew 1.6_RC1 NetBSD 1.6_RC1 (PEPEW) #13: Tue Aug 13 00:50:39 MEST 2002 src@pepew:/amd/fud/d/0/src/sys/arch/i386/compile/PEPEW i386
Architecture: i386
Machine: i386
>Description:
On an IPv6 machine use an IPF configuration like:

pass out log all

and run ipmon. You will see output like:

Aug 17 22:02:01 pepew ipmon[138]: 22:02:01.037688 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 32 icmpv6 icmpv6type(77)/76 OUT 
Aug 17 22:02:01 pepew ipmon[138]: 22:02:01.315341 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 24 icmpv6 icmpv6type(77)/76 OUT 

with an unknown icmpv6type. In reality these are the neighbour solicitation
packets. Tcpdump shows them correctly.

>How-To-Repeat:

Configure machine for IPv6 autohost. Use rtsol or rtsold.
Configure IP-Filter to log outgoing IPv6 traffic.
Run ipmon.


>Fix:

No fix but a workaround. Changing the configuration to

pass out log body all

results in correct output:

Aug 17 22:13:31 pepew ipmon[138]: 22:13:31.162175 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 32 icmpv6 neighborsolicit/0 OUT 
Aug 17 22:13:31 pepew ipmon[138]: 22:13:31.179069 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 24 icmpv6 neighboradvert/0 OUT 

Apparently the kernel code does not push enough data to ipmon and ipmon
logs undefined content from the buffer.

>Release-Note:
>Audit-Trail:
>Unformatted: