1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
Idea to think about: --salt 3b5b91c5a2 XOR client addresses for some more privacy
the salt can be added e.g. when restarting router/iptables or may be generated for
a particular host once. Purpose: hide MAC addresses behind the address mapping
gateway
Check compat with tcpdump. Linux2.4 needs to copy skb() for that, but it oopses
Update csum, see http://www.faqs.org/rfcs/rfc1624.html for these
protos (see http://www.firstpr.com.au/ip/ivip/checksums/ ):
IPPROTO_TCP, IPPROTO_UDP, IPPROTO_DCCP, IPPROTO_AH?, IPPROTO_ICMPV6, IPPROTO_UDPLITE
break NEXTHDR_NONE
Evnt mit ipv6_gso_pull_exthdrs() oder ipv6_find_hdr() oder nf_ct_ipv6_skip_exthdr()
Evnt linux-2.4: mit ipv6_skip_exthdr()
unsigned int ptr = skb_network_offset(skb) + sizeof(struct ipv6hdr);
u_int8_t c = ipv6hdr.nexthdr;
while (c != NEXTHDR_NONE && ip6t_ext_hdr(currenthdr)) {
const struct ipv6_opt_hdr *hp = skb_header_pointer(skb, ptr, sizeof(_hdr), &_hdr);
switch(c) {
case IPPROTO_FRAGMENT:
hdrlen = 8;
break;
case IPPROTO_DSTOPTS:
case IPPROTO_ROUTING:
case IPPROTO_HOPOPTS:
hdrlen = ipv6_optlen(hp);
break;
case IPPROTO_AH:
hdrlen = (hp->hdrlen+2)<<2;
break;
default:
return;
}
c = hp->nexthdr;
ptr += hdrlen;
}
gai.conf ip ranges:
::1/128 0 (localhost)
::/0 1 (?all IPv6, including global unicast?)
2002::/16 2 (6to4)
::/96 3 (ipv4 compat, deprecated)
::ffff:0:0/96 4 (ipv4 mapped)
fec0::/10 5 (ubuntu, site local unicast, deprecated)
fc00::/7 6 (ubuntu, unique local unicast)
2001:0::/32 7 (ubuntu, teredo)
2000::/3 (global unicast)
2001::/16 (for ISPs)
2001:db8::/32 (doku)
3ffe::/16 (6bone)
|
