ICMPv6 error messages defined in Section 3 of RFC4443 include "As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU". This means that they include the IPv6 header of the original packet that triggered the ICMPv6 error message.
Tcprewrite does not process the contents of ICMPv6 error messages, so does not re-write the IPv6 addresses in the original packet appended to the error message.
This poses two problems:
- packet captures re-written with Tcprewrite do not maintain compliance with RFC4443
- if used for packet capture sanitisation, ICMPv6 error messages leak the original IP addresses. As Destination Unreachable (type 1) and Time Exceeded (type 3) messages are not uncommon, this is a notable leak risk.
To Reproduce
1. Create a packet capture containing an ICMPv6 error message that includes the invoking packet. Example packet capture: ttl.pcap.gz
2. Re-write the packet capture. For the example Pcap, try
ttl-anon.pcap.gz
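A post-sanitisation check for the leak described in this issue, as an added example (not part of the original report and not Tcprewrite code). It relies on RFC 4443 setting an error message's destination to the invoking packet's source, so an embedded source that differs from the outer destination indicates the embedded header was not re-written. Assumptions: raw IPv6 packets with the link layer already stripped, no extension headers, hypothetical function names, and constructed sample addresses from the 2001:db8::/32 documentation prefix.

```python
import ipaddress
import struct

ICMPV6 = 58  # IPv6 Next Header value for ICMPv6

def ipv6_header(src, dst, next_header, payload_len, hop_limit=64):
    """Build a 40-byte IPv6 header (used only to construct the sample packets)."""
    return (struct.pack("!IHBB", 6 << 28, payload_len, next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)

def icmpv6_error(src, dst, icmp_type, invoking):
    """Build an IPv6 packet carrying an ICMPv6 message; checksum left as zero."""
    body = struct.pack("!BBHI", icmp_type, 0, 0, 0) + invoking
    return ipv6_header(src, dst, ICMPV6, len(body)) + body

def addresses(header):
    """Return (source, destination) from the first 40 bytes of an IPv6 header."""
    return ipaddress.IPv6Address(header[8:24]), ipaddress.IPv6Address(header[24:40])

def check_packet(packet, original_prefixes=()):
    """Return a list of findings for one raw IPv6 packet (assumes no extension headers)."""
    if len(packet) < 48 or packet[0] >> 4 != 6 or packet[6] != ICMPV6:
        return []
    if packet[40] >= 128:      # types 128-255 are informational: no invoking packet
        return []
    inner = packet[48:88]      # invoking packet follows the 8-byte ICMPv6 error header
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return ["embedded IPv6 header truncated or missing"]
    findings = []
    _, outer_dst = addresses(packet)
    inner_src, inner_dst = addresses(inner)
    # RFC 4443: the error's destination is copied from the invoking packet's source
    if inner_src != outer_dst:
        findings.append(f"embedded source {inner_src} != outer destination {outer_dst}")
    nets = [ipaddress.IPv6Network(p) for p in original_prefixes]
    for addr in (inner_src, inner_dst):
        if any(addr in net for net in nets):
            findings.append(f"embedded address {addr} is in an original prefix")
    return findings

# Constructed sample: a Time Exceeded (type 3) error, and a copy in which only the
# outer header has been re-written, which is the behaviour this issue reports.
invoking = ipv6_header("2001:db8:1::10", "2001:db8:2::20", 17, 0, hop_limit=1)
ORIGINAL = icmpv6_error("2001:db8:ffff::1", "2001:db8:1::10", 3, invoking)
OUTER_ONLY = icmpv6_error("2001:db8:aaaa::1", "2001:db8:bbbb::10", 3, invoking)
```

Passing the pre-sanitisation prefixes as `original_prefixes` turns the consistency check into a direct leak check on the embedded addresses.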