mirror of
https://github.com/opnsense/src.git
synced 2026-02-15 08:38:13 -05:00
ipfw: Teach ipfw that EtherIP is an upper layer protocol
so that we do not discard EtherIP packets ( over IPv6 network ) when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is the default value ). PR: 227450 Reviewed by: ae, #network MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D52566 (cherry picked from commit 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e)
This commit is contained in:
Zhenlei Huang
Franco Fichtner
parent
af1182dbdc
commit
fd855fa228
1 changed files with 7 additions and 0 deletions
|
|
@ -67,6 +67,7 @@
|
|||
#include <net/route/nhop.h>
|
||||
#include <net/pfil.h>
|
||||
#include <net/vnet.h>
|
||||
#include <net/if_gif.h>
|
||||
#include <net/if_pfsync.h>
|
||||
|
||||
#include <netpfil/pf/pf_mtag.h>
|
||||
|
|
@ -1717,6 +1718,12 @@ do { \
|
|||
PULLUP_TO(hlen, ulp, struct ip);
|
||||
break;
|
||||
|
||||
case IPPROTO_ETHERIP: /* RFC 3378 */
|
||||
PULLUP_LEN(hlen, ulp,
|
||||
sizeof(struct etherip_header) +
|
||||
sizeof(struct ether_header));
|
||||
break;
|
||||
|
||||
case IPPROTO_PFSYNC:
|
||||
PULLUP_TO(hlen, ulp, struct pfsync_header);
|
||||
break;
|
||||
|
|
|
|||
Loading…
Reference in a new issue