[Battlemesh] battlemesh v6 test data postprocessing

Dave Taht dave.taht at gmail.com
Tue May 20 22:02:44 UTC 2014 

On Tue, May 20, 2014 at 2:55 PM, Gui Iribarren <gui at altermundi.net> wrote:
> On 20/05/14 15:18, Juliusz Chroboczek wrote:
>>>> "Operation not permitted" is what you get if you trigger a REJECT rule
>>>> in the local firewall.
>>
>>> If i don't remember bad you get that message also if you have routes with
>>> target prohibit or stuff like that
>>
>> Hmm, bizarrer and bizarrer.
>>
>> Babel doesn't use prohibit routes
>
> it's openwrt default iproute rules
>
> i dug this a week ago and found out it's an openwrt-specific thing,
> introduced by:
> https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-3.8/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch?rev=36911
>
> which produces the following example
>
> root at beixaflor:~# ip -6 ru
> 0:      from all lookup local
> 32766:  from all lookup main
> 4200000001:     from all iif lo failed_policy
> 4200000008:     from all iif br-lan failed_policy
> 4200000011:     from all iif eth1.11 failed_policy
> 4200000012:     from all iif eth1.12 failed_policy
> 4200000013:     from all iif eth1.5 failed_policy
> 4200000014:     from all iif wlan1_adhoc failed_policy
> 4200000015:     from all iif wlan0_adhoc failed_policy
> 4200000019:     from all iif anygw failed_policy
> 4200000020:     from all iif wlan0_adhoc.11 failed_policy
> 4200000021:     from all iif wlan0_adhoc.12 failed_policy
> 4200000022:     from all iif wlan1_adhoc.11 failed_policy
> 4200000023:     from all iif wlan1_adhoc.12 failed_policy

There is another problem I've had of late in that openwrt
sometimes refuses to give a X/32 address to some interfaces.

> Cheers!
>
> gui
>
>> -- its loop-avoidance mechanism uses
>> unreachable routes, which give (quite reasonably) EUNREACH:
>>
>>   Network is unreachable
>>
>> However, neither prohibit routes nor REJECT rules give the error
>> above, they give EACCESS:
>>
>>   Permission denied
>>
>> The message shown in the logs is EPERM:
>>
>>   Operation not permitted
>>
>> Confused yet?
>>
>> -- Juliusz
>> _______________________________________________
>> Battlemesh mailing list
>> Battlemesh at ml.ninux.org
>> http://ml.ninux.org/mailman/listinfo/battlemesh
>>
> _______________________________________________
> Battlemesh mailing list
> Battlemesh at ml.ninux.org
> http://ml.ninux.org/mailman/listinfo/battlemesh



-- 
Dave Täht

NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article

More information about the Battlemesh mailing list