00464bff96
Do not invoke IPv4 NAT handler for non IPv4 packets. Libalias expects a packet is IPv4. And in case when it is IPv6, it just translates them as IPv4. This leads to corruption and in some cases to panics. In particular a panic can happen when value of ip6_plen modified to something that leads to IP fragmentation, but actual packet length does not match the IP length. Packets that are not IPv4 will be dropped by NAT rule. Reported by: Viktor Dukhovni <freebsd at dukhovni dot org> MFC after: 1 week |
||
---|---|---|
.. | ||
ipfw | ||
pf |