Date: Thu, 8 Jun 2006 12:20:45 +0200 From: John Hay <jhay@meraka.org.za> To: freebsd-ipfw@freebsd.org Subject: Unknown Extension Header(103) Message-ID: <20060608102044.GA31577@zibbi.meraka.csir.co.za>
next in thread | raw e-mail | index | archive | help
Hi,
I have tried to upgrade our firewall/router from 5.3 to 6.1-stable and
ran into these messages:
IPFW2: IPV6 - Unknown Extension Header(103), ext_hd=0
There were so many that the machine got stuck. It turns out that ipfw
did not like the pim multicast packets on ipv6. I think I have fixed
the problem for now with the patch below. Is my patch acceptable? Can
I commit it?
One thing that bothers me a bit is the printf in the default case that
is not rate limitted and you are not able to switch it off via a sysctl
or something. Should it stay like that?
The message is also a bit misleading I think.
John
--
John Hay -- John.Hay@meraka.csir.co.za / jhay@FreeBSD.org
Index: ip_fw2.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fw2.c,v
retrieving revision 1.106.2.13
diff -u -r1.106.2.13 ip_fw2.c
--- ip_fw2.c 2 Jun 2006 04:02:06 -0000 1.106.2.13
+++ ip_fw2.c 8 Jun 2006 09:12:09 -0000
@@ -71,6 +71,7 @@
#include <netinet/ip_fw.h>
#include <netinet/ip_divert.h>
#include <netinet/ip_dummynet.h>
+#include <netinet/pim.h>
#include <netinet/tcp.h>
#include <netinet/tcp_timer.h>
#include <netinet/tcp_var.h>
@@ -2274,6 +2275,11 @@
PULLUP_TO(hlen, ulp, struct ip6_ext);
break;
+ case IPPROTO_PIM:
+ /* XXX PIM header check? */
+ PULLUP_TO(hlen, ulp, struct pim);
+ break;
+
default:
printf("IPFW2: IPV6 - Unknown Extension "
"Header(%d), ext_hd=%x\n", proto, ext_hd);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060608102044.GA31577>