kern/75121: Wrong behaviour of IFF_LINK2 bit in 6in6 gifs?

Gleb Smirnoff glebius at freebsd.org
Tue Jan 18 06:10:36 PST 2005


The following reply was made to PR kern/75121; it has been noted by GNATS.

From: Gleb Smirnoff <glebius at freebsd.org>
To: Antonio Tapiador del Dujo <atapiador at dit.upm.es>
Cc: FreeBSD-gnats-submit at freebsd.org
Subject: Re: kern/75121: Wrong behaviour of IFF_LINK2 bit in 6in6 gifs?
Date: Tue, 18 Jan 2005 17:06:25 +0300

   Antonio,
 
 On Tue, Jan 18, 2005 at 01:51:01PM +0100, Antonio Tapiador del Dujo wrote:
 A> > The IFF_LINK2 means that incoming tunnel packets may come from interface
 A> > different to interface we use for sending out tunnel packets.
 A> 
 A> gif(4) man page talks about ingress filtering:
 A> "Ingress filtering can be turned off by IFF_LINK2 bit."
 A> that has to do with source addresses (RFC 2893, section 4.3)
 A> Then maybe this is a gif(4) man page bug. 
 
 Yes, it is I think. Section 4.3 speaks about other kind of filtering.
 
 A> > If you don't mind, I close the PR.
 A>  
 A> Anyway I don't see why not to give the choice, because somebody who sets 
 A> IFF_LINK2 knows what is doing (or maybe not :)).
 
 gif(4) is based on RFC 2893, but does not implements it. We do not support
 loose endpoints of a tunnel, or a list of accepted endpoints.
 
 I think we should correct the manpage and close PR. I'm not sure that
 driver will survive removing the check for matching endpoints. If you are going
 to implement RFC 2893 in full scope, you are welcome :)
 
 I will ask ume to look at this PR.
 
 -- 
 Totus tuus, Glebius.
 GLEBIUS-RIPN GLEB-RIPE


More information about the freebsd-bugs mailing list