d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
543769bf83
freebsd-dev/sys/netinet6
History
Kyle Evans 1e9b8db9b2 ipv6: quit dropping packets looping back on p2p interfaces 
To paraphrase the below-referenced PR:

This logic originated in the KAME project, and was even controversial when
it was enabled there by default in 2001. No such equivalent logic exists in
the IPv4 stack, and it turns out that this leads to us dropping valid
traffic when the "point to point" interface is actually a 1:many tun
interface, e.g. with the wireguard userland stack.

Even in the case of true point-to-point links, this logic only avoids
transient looping of packets sent by misconfigured applications or
attackers, which can be subverted by proper route configuration rather than
hardcoded logic in the kernel to drop packets.

In the review, melifaro goes on to note that the kernel can't fix it, so it
perhaps shouldn't try to be 'smart' about it. Additionally, that TTL will
still kick in even with incorrect route configuration.

PR:		247718
Reviewed by:	melifaro, rgrimes
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25567
2020-08-31 01:45:48 +00:00
..
dest6.c Fix m_pullup() problem after removing PULLDOWN_TESTs and KAME EXT_*macros. 2019-12-01 00:22:04 +00:00
frag6.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
icmp6.c Fix IPv6 regression introduced by r362900. 2020-07-03 08:06:26 +00:00
icmp6.h
in6_cksum.c
in6_fib.c Move net/route/shared.h definitions to net/route/route_var.h. 2020-08-28 22:50:20 +00:00
in6_fib.h Complete conversions from fib<4|6>_lookup_nh_<basic|ext> to fib<4|6>_lookup(). 2020-07-02 21:04:08 +00:00
in6_gif.c Switch gif(4) path verification to fib[46]_check_urfp(). 2020-05-28 07:26:18 +00:00
in6_ifattach.c Make sure the multicast release tasks are properly drained when 2020-08-10 10:46:08 +00:00
in6_ifattach.h
in6_jail.c
in6_mcast.c Use a static initializer for the multicast free tasks. 2020-08-11 08:31:40 +00:00
in6_pcb.c Allow TCP to reuse local port with different destinations 2020-05-18 22:53:12 +00:00
in6_pcb.h Allow TCP to reuse local port with different destinations 2020-05-18 22:53:12 +00:00
in6_pcbgroup.c
in6_proto.c Simplify dom_<rtattach|rtdetach>. 2020-08-14 21:29:56 +00:00
in6_rmx.c Move net/route/shared.h definitions to net/route/route_var.h. 2020-08-28 22:50:20 +00:00
in6_rss.c
in6_rss.h
in6_src.c Complete conversions from fib<4|6>_lookup_nh_<basic|ext> to fib<4|6>_lookup(). 2020-07-02 21:04:08 +00:00
in6_var.h Simplify dom_<rtattach|rtdetach>. 2020-08-14 21:29:56 +00:00
in6.c Make net.inet6.ip6.deembed_scopeid behaviour default & remove sysctl. 2020-08-15 11:37:44 +00:00
in6.h Convert route caching to nexthop caching. 2020-04-25 09:06:11 +00:00
ip6_ecn.h
ip6_fastfwd.c Convert IP/IPv6 forwarding, ICMP processing and IP PCB laddr selection to 2020-04-14 23:06:25 +00:00
ip6_forward.c ipv6: quit dropping packets looping back on p2p interfaces 2020-08-31 01:45:48 +00:00
ip6_gre.c Introduce NET_EPOCH_CALL() macro and use it everywhere where we free 2020-01-15 06:05:20 +00:00
ip6_id.c ip6_randomflowlabel: Avoid blocking if random(4) is not available 2019-04-23 17:18:20 +00:00
ip6_input.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
ip6_mroute.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
ip6_mroute.h
ip6_output.c ip6_output(): Check the return value of in6_getlinkifnet(). 2020-07-30 17:43:23 +00:00
ip6_var.h Convert route caching to nexthop caching. 2020-04-25 09:06:11 +00:00
ip6.h
ip6protosw.h
ip_fw_nat64.h Reapply r345274 with build fixes for 32-bit architectures. 2019-03-19 10:57:03 +00:00
ip_fw_nptv6.h Add ability to use dynamic external prefix in ipfw_nptv6 module. 2018-11-12 11:20:59 +00:00
mld6_var.h icmpv6: Fix mbuf change in mld 2019-11-18 21:59:47 +00:00
mld6.c mld6: initialize oifp to avoid bogus results/panics in edge cases 2020-02-28 11:16:41 +00:00
mld6.h
nd6_nbr.c Remove RADIX_MPATH headers, they were unused since r293159. 2020-04-11 07:56:11 +00:00
nd6_rtr.c Transition from rtrequest1_fib() to rib_action(). 2020-07-21 19:56:13 +00:00
nd6.c Transition from rtrequest1_fib() to rib_action(). 2020-07-21 19:56:13 +00:00
nd6.h Switch inet6 default route subscription to the new rib subscription api. 2020-07-12 11:24:23 +00:00
pim6_var.h
pim6.h
raw_ip6.c Make ip6_output() and ip_output() require network epoch. 2020-01-22 05:51:22 +00:00
raw_ip6.h
route6.c Fix m_pullup() problem after removing PULLDOWN_TESTs and KAME EXT_*macros. 2019-12-01 00:22:04 +00:00
scope6_var.h Make net.inet6.ip6.deembed_scopeid behaviour default & remove sysctl. 2020-08-15 11:37:44 +00:00
scope6.c Make net.inet6.ip6.deembed_scopeid behaviour default & remove sysctl. 2020-08-15 11:37:44 +00:00
sctp6_usrreq.c Retire SCTP_SO_LOCK_TESTING. 2020-06-07 14:39:20 +00:00
sctp6_var.h
send.c
send.h
tcp6_var.h Remove tcp_rtlookup6() function signature. 2020-04-13 08:26:11 +00:00
udp6_usrreq.c IPV6_PKTINFO support for v4-mapped IPv6 sockets 2020-08-07 15:13:53 +00:00
udp6_var.h