Module Name: src
Committed By: maxv
Date: Sat Mar 17 10:42:24 UTC 2018
Modified Files:
src/sys/net/npf: npf_sendpkt.c
Log Message:
Set the scopes before calling icmp6_error(). This fixes a bug similar to
the one I fixed in rev1.17: since the scopes were not set the packet was
never actually sent.
Tested with wireshark, now the ICMPv6 reply is correctly sent, as
expected.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/sys/net/npf/npf_sendpkt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf_sendpkt.c
diff -u src/sys/net/npf/npf_sendpkt.c:1.17 src/sys/net/npf/npf_sendpkt.c:1.18
--- src/sys/net/npf/npf_sendpkt.c:1.17 Wed Mar 14 09:32:04 2018
+++ src/sys/net/npf/npf_sendpkt.c Sat Mar 17 10:42:23 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_sendpkt.c,v 1.17 2018/03/14 09:32:04 maxv Exp $ */
+/* $NetBSD: npf_sendpkt.c,v 1.18 2018/03/17 10:42:23 maxv Exp $ */
/*-
* Copyright (c) 2010-2011 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
#ifdef _KERNEL
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_sendpkt.c,v 1.17 2018/03/14 09:32:04 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_sendpkt.c,v 1.18 2018/03/17 10:42:23 maxv Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -213,6 +213,18 @@ npf_return_icmp(const npf_cache_t *npc)
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_ADMIN_PROHIBIT, 0, 0);
return 0;
} else if (npf_iscached(npc, NPC_IP6)) {
+ /* Handle IPv6 scopes */
+ const struct ifnet *rcvif = npc->npc_nbuf->nb_ifp;
+ struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
+ if (in6_clearscope(&ip6->ip6_src) ||
+ in6_clearscope(&ip6->ip6_dst)) {
+ return EINVAL;
+ }
+ if (in6_setscope(&ip6->ip6_src, rcvif, NULL) ||
+ in6_setscope(&ip6->ip6_dst, rcvif, NULL)) {
+ return EINVAL;
+ }
+
icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN, 0);
return 0;
}
