Subject: kern/17974: IP Filter logs icmp6 packets incorrectly
To: None <gnats-bugs@gnats.netbsd.org>
From: None <mlelstv@serpens.de>
List: netbsd-bugs
Date: 08/17/2002 22:27:53
>Number: 17974
>Category: kern
>Synopsis: outgoing icmp6 is not logged correctly by ipf
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 17 13:28:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Michael van Elst
>Release: NetBSD 1.6_RC1
>Organization:
-dis
>Environment:
System: NetBSD pepew 1.6_RC1 NetBSD 1.6_RC1 (PEPEW) #13: Tue Aug 13 00:50:39 MEST 2002 src@pepew:/amd/fud/d/0/src/sys/arch/i386/compile/PEPEW i386
Architecture: i386
Machine: i386
>Description:
On an IPv6 machine use an IPF configuration like:
pass out log all
and run ipmon. You will see output like:
Aug 17 22:02:01 pepew ipmon[138]: 22:02:01.037688 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 32 icmpv6 icmpv6type(77)/76 OUT
Aug 17 22:02:01 pepew ipmon[138]: 22:02:01.315341 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 24 icmpv6 icmpv6type(77)/76 OUT
with an unknown icmpv6type. In reality these are the neighbour solicitation
packets. Tcpdump shows them correctly.
>How-To-Repeat:
Configure machine for IPv6 autohost. Use rtsol or rtsold.
Configure IP-Filter to log outgoing IPv6 traffic.
Run ipmon.
>Fix:
No fix but a workaround. Changing the configuration to
pass out log body all
results in correct output:
Aug 17 22:13:31 pepew ipmon[138]: 22:13:31.162175 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 32 icmpv6 neighborsolicit/0 OUT
Aug 17 22:13:31 pepew ipmon[138]: 22:13:31.179069 wi0 @0:8 p 2001:680:1:0:260:1dff:fe1e:d58a -> 2001:680:1::2 PR icmpv6 len 40 24 icmpv6 neighboradvert/0 OUT
Apparently the kernel code does not push enough data to ipmon and ipmon
logs undefined content from the buffer.
>Release-Note:
>Audit-Trail:
>Unformatted: