[Bug 201695] [PATCH] pf.conf syntax (interface:0) incorrectly results in IPv6 link-local address

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201695

            Bug ID: 201695
           Summary: [PATCH] pf.conf syntax (interface:0) incorrectly
                    results in IPv6 link-local address
           Product: Base System
           Version: 10.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: Russell.Yount at gmail.com
          Keywords: patch

The pf.conf syntax '(interface:0)' incorrectly results in IPv6 link-local
address rather than route-able IPv6 address. Patch included at end of this
description. 

PF.CONF(5) should also be updated. It states:

Host names may also have the :0 option appended to restrict the
name resolution to the first of each v4 and v6 address found.

Should be:

Host names may also have the :0 option appended to restrict the
name resolution to the first of each v4 and non-link-local v6 address found.

Patch:

--- usr/src/sys/netpfil/pf/pf_if.c.orig 2015-07-19 12:46:23.000000000 -0500
+++ usr/src/sys/netpfil/pf/pf_if.c      2015-07-19 12:49:01.000000000 -0500
@@ -522,7 +522,7 @@
                if ((flags & PFI_AFLAG_PEER) &&
                    !(ifp->if_flags & IFF_POINTOPOINT))
                        continue;
-               if ((flags & PFI_AFLAG_NETWORK) && af == AF_INET6 &&
+               if ((flags & (PFI_AFLAG_NETWORK|PFI_AFLAG_NOALIAS)) && af ==
AF_INET6 &&
                    IN6_IS_ADDR_LINKLOCAL(
                    &((struct sockaddr_in6 *)ia->ifa_addr)->sin6_addr))
                        continue;

-- 
You are receiving this mail because:
You are the assignee for the bug.