'ipv6' type in /etc/protocols ?
Luigi Rizzo
rizzo at icir.org
Wed Jan 14 01:29:15 PST 2004
hi,
in implementing ipv6 support for ipfw2, i hit the following
problem: /etc/protocols has an entry:
ipv6 41 IPV6 # ipv6
which is somewhat confusing for the parser -- if you
type something like
ipfw add allow ipv6 from foo to bar
the "ipv6" will match in the call to getprotobyname() and
the above will be translated into a rule that matches packets with
ip->ip_proto == 41 (6 is TCP, 17 is UDP, etc.), while i presume
that what one would really want with the above notation is to
match IPv6 packets, i.e.
+ layer2 packets with mac-type 0x86dd (ipv6)
+ layer3 packets with ip->ip_v == 6
Now, i can put a special case for the keyword 'ipv6', but
I wonder, what do we do with ip->ip_proto == 41 ? Does it
make sense to handle this request ? And in this case,
what name do we use for it to avoid conflicts ?
Looking at /sys/netinet/in.h, it appears that
ip_proto == 4 and 41 refer to encapsulations of ipv4 and ipv6
into ip...
cheers
luigi
More information about the freebsd-net
mailing list