On Sat, Feb 04, 2006 at 12:59:41AM +0100, Jonas Davidsson wrote:
> Pf does not seem to allow UDP packets destined for port 0 out, TCP packets to
> the same port pass without problems.
> If nothing else, this breaks nmap's os-detection mode.
>
> with 'pass quick on em0'
> [send_ip] sendto: No route to host
>
> with 'set skip on em0':
> ICMP Port Unreachable from ip=192.168.1.10
>
> Is this intentional and if so, why?

there are a couple 'uh.uh_dport == 0' tests in net/pf.c....

as to why? a little googling around and the most appropriate post i could find was a netbsd post from itojun [1] in which he asks about the behaviour of dest port 0 being interpreted as undefined. don't know if this is a good match for the reason, but it seems plausible. might find some info in libsa/net.c too, but it's a bit too rich for my blood in there.

[1] - http://mail-index.netbsd.org/tech-net/2000/01/08/0000.html

--
jared

[ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]