lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 28 Sep 2013 15:57:50 -0400 (EDT)
From:	David Miller <>
Subject: Re: [PATCH v5] IPv6 NAT: Do not drop DNATed 6to4/6rd packets

From: Hannes Frederic Sowa <>
Date: Tue, 24 Sep 2013 23:36:06 +0200

> On Mon, Sep 23, 2013 at 11:04:19PM +0300, Catalin(ux) M. BOIE wrote:
>> When a router is doing  DNAT for 6to4/6rd packets the latest anti-spoofing
>> patch (218774dc) will drop them because the IPv6 address embedded
>> does not match the IPv4 destination. This patch will allow them to
>> pass by testing if we have an address that matches on 6to4/6rd interface.
>> I have been hit by this problem using Fedora and IPV6TO4_IPV4ADDR.
>> Also, log the dropped packets (with rate limit).
>> Signed-off-by: Catalin(ux) M. BOIE <>
> Acked-by: Hannes Frederic Sowa <>

Applied, but Catalin please strictly refer to changes in the following
precise format:

	commit $SHA1_ID ("Commit message header line text")

Because SHA1_IDs are ambiguous, especially when the change in question
is backported into various -stable branches.

The only way to resolve the ambiguity is to provide the commit message
text (in parenthesis and double quotes).
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists