IPPROTO_DIVERT and PF_INET6
JINMEI Tatuya / 神明達哉
Jinmei_Tatuya at isc.org
Mon May 5 19:18:32 UTC 2008
At Sat, 3 May 2008 20:00:43 +1000,
Edwin Groothuis <edwin at mavetju.org> wrote:
> Before somebody shoots me down on it: I know that ipfw_divert() is
> not suitable for IPv6 packets.
[snip]
> which is what I expected. So why doesn't this get displayed for the
> IPv6 sockets?
I don't know much about IPDIVERT, but it seems to me this is simply
because the IPv6 stack (sys/netinet6) doesn't support divert sockets.
So opening an AF_INET6 socket with the protocol being IPPROTO_DIVERT
(which is "unknown")
sin = socket(PF_INET6, SOCK_RAW, IPPROTO_DIVERT);
matches a wildcard protosw
/* raw wildcard */
{
.pr_type = SOCK_RAW,
.pr_domain = &inet6domain,
.pr_flags = PR_ATOMIC|PR_ADDR,
.pr_input = rip6_input,
.pr_output = rip6_output,
.pr_ctloutput = rip6_ctloutput,
.pr_usrreqs = &rip6_usrreqs
},
whose pr_protocol is implicitly set to 0, which is (accidentally)
interpreted by lsof as "HOPOPTS".
This should provide a direct answer to you question of "why"? But I
suspect the underlying question is why divert sockets aren't supported
for IPv6. I don't know why.
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
More information about the freebsd-net
mailing list