Sunday, September 01, 2024

what is the fundamental difference between icmpv6 for ff02::1 and for ff02::2?

7.5 amd64
i'm not very smart and i can't understand what great idea was behind, but today i discovered something unexpected for me.
simple config:
set skip on { lo }
@0 block drop log (all) all
@1 pass log (all) quick from (self:*) to any flags S/SA
@2 pass log (all) quick inet6 proto ipv6-icmp all

# ping6 ff02::1%igc0
rule 1/(match) [uid 0, pid 10218] pass out on igc0: fe80::62be:b4ff:fe04:30e4 > ff02::1: icmp6: echo request (id:a42a seq:0) (len 64, hlim 64)
rule 1/(match) [uid 0, pid 10218] pass in on igc0: fe80::b24e:26ff:fe56:6a8a > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:a42a seq:0) (len 64, hlim 255)
rule 1/(match) [uid 0, pid 10218] pass in on igc0: fe80::e6c3:2aff:fe35:fc5 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:a42a seq:0) (len 64, hlim 255)
rule 1/(match) [uid 0, pid 10218] pass in on igc0: fe80::1ad6:c7ff:fe73:d6a3 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:a42a seq:0) (len 64, hlim 64)
rule 1/(match) [uid 0, pid 10218] pass in on igc0: fe80::127b:efff:fe56:36e9 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:a42a seq:0) (len 64, hlim 64)
rule 1/(match) [uid 0, pid 10218] pass in on igc0: fe80::ee43:f6ff:fe02:2f41 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:a42a seq:0) (len 64, hlim 64)
bla-bla

# ping6 ff02::2%igc0
rule 1/(match) [uid 0, pid 10218] pass out on igc0: fe80::62be:b4ff:fe04:30e4 > ff02::2: icmp6: echo request (id:1caf seq:0) (len 64, hlim 64)
rule 0/(match) [uid 0, pid 10218] block in on igc0: fe80::9ade:d0ff:fe80:2139 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:1caf seq:0) (len 64, hlim 64)
rule 0/(match) [uid 0, pid 10218] block in on igc0: fe80::1ad6:c7ff:fe73:d6a3 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:1caf seq:0) (len 64, hlim 64)
rule 0/(match) [uid 0, pid 10218] block in on igc0: fe80::be62:ceff:fef2:a442 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:1caf seq:0) (len 64, hlim 64)
rule 0/(match) [uid 0, pid 10218] block in on igc0: fe80::8616:f9ff:fe7f:1a11 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:1caf seq:0) (len 64, hlim 64)
rule 0/(match) [uid 0, pid 10218] block in on igc0: fe80::f6f2:6dff:fede:a463 > fe80::62be:b4ff:fe04:30e4: icmp6: echo reply (id:1caf seq:0) (len 64, hlim 64)
bla-bla

please explain what's wrong with me?! i guess that in the second case "the owls are not what they seem", that icmp6 is not icmp6 at all.. but what is it then?

No comments:

Post a Comment