<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi Pavlin and Bruce,<div><br></div><div>I just wanted to let the list know that I updated xorp from cvs and all is working out great. Thanks again for all the help and quick turnaroun. Great stuff!</div><div><br></div><div>stegen<br><div><div>On Oct 9, 2008, at 5:51 AM, Bruce M. Simpson wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">I actually submitted a patch to dhartmei@ to allow the RA option filter to be disabled by default, as this is almost always what bites us with PF on BSD systems.<br><br>Forwarding here to pick up in archives.<br><br>thanks<br>BMS<br><br><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(0, 0, 0, 0.5);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Bruce M Simpson <<a href="mailto:bms@incunabulum.net">bms@incunabulum.net</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(0, 0, 0, 0.5);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">May 4, 2008 8:38:14 PM PDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(0, 0, 0, 0.5);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><a href="mailto:dhartmei@freebsd.org">dhartmei@freebsd.org</a>, Max Laier <<a href="mailto:max@love2party.net">max@love2party.net</a>>, Pavlin Radoslavov <<a href="mailto:pavlin@icir.org">pavlin@icir.org</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(0, 0, 0, 0.5);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>[PATCH] PF: Allow IP Router Alert option by default</b><br></span></div><br><br>I've tested this in a virtual machine, against FreeBSD 6.3-RELEASE, and it looks fine.<br><br>I'd like to commit it as soon as possible if there are no objections.<br><br> Performance impact should be negligible, though I haven't measured. The pf_pull_hdr() call is however required as you know, the mbuf chain might not be pulled up.<br><br> The match is a loose match, although the RA option must come right after the header. This is the norm for the implementations I've seen. The value of the option isn't checked, I believe hardware router boxes don't either.<br><br> I deliberately rolled this to respect the existing values of "allow_opts", so that existing pfsync installations will continue to work; nodes which don't understand the PF_ALLOWOPTS_RA flag will treat it as "allow all options" however. Caveat user: should really upgrade redundant firewalls in tandem.<br><br> The syntax originally suggested ("allow-opts(RA)") doesn't work, because the parser treats '(' and ')' as special tokens which can't be part of other tokens, so I added a keyword "allow-ra-opt".<br><br>cheers<br>BMS<br>--- contrib/pf/pfctl/parse.y.orig<span class="Apple-tab-span" style="white-space:pre"> </span>2005-05-03 17:55:20.000000000 +0100<br>+++ contrib/pf/pfctl/parse.y<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 03:15:05.000000000 +0100<br>@@ -405,7 +405,8 @@<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>PASS BLOCK SCRUB RETURN IN OS OUT LOG LOGALL QUICK ON FROM TO FLAGS<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>RETURNRST RETURNICMP RETURNICMP6 PROTO INET INET6 ALL ANY ICMPTYPE<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>ICMP6TYPE CODE KEEP MODULATE STATE PORT RDR NAT BINAT ARROW NODF<br>-%token<span class="Apple-tab-span" style="white-space:pre"> </span>MINTTL ERROR ALLOWOPTS FASTROUTE FILENAME ROUTETO DUPTO REPLYTO NO LABEL<br>+%token<span class="Apple-tab-span" style="white-space:pre"> </span>MINTTL ERROR ALLOWOPTS ALLOWOPTSRA<br>+%token<span class="Apple-tab-span" style="white-space:pre"> </span>FASTROUTE FILENAME ROUTETO DUPTO REPLYTO NO LABEL<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>NOROUTE FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DROP TABLE<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>REASSEMBLE FRAGDROP FRAGCROP ANCHOR NATANCHOR RDRANCHOR BINATANCHOR<br> %token<span class="Apple-tab-span" style="white-space:pre"> </span>SET OPTIMIZATION TIMEOUT LIMIT LOGINTERFACE BLOCKPOLICY RANDOMID<br>@@ -1902,7 +1903,10 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>filter_opts.fragment = 1;<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>}<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>| ALLOWOPTS {<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>filter_opts.allowopts = 1;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>filter_opts.allowopts = PF_ALLOWOPTS_ALL;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>}<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>| ALLOWOPTSRA {<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>filter_opts.allowopts |= PF_ALLOWOPTS_RA;<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>}<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>| label<span class="Apple-tab-span" style="white-space:pre"> </span>{<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if (filter_opts.label) {<br>@@ -4577,6 +4581,7 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span>static const struct keywords keywords[] = {<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "all",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ALL},<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "allow-opts",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ALLOWOPTS},<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "allow-ra-opt",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ALLOWOPTSRA},<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "altq",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ALTQ},<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "anchor",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ANCHOR},<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>{ "antispoof",<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>ANTISPOOF},<br>--- contrib/pf/pfctl/pfctl_parser.c.orig<span class="Apple-tab-span" style="white-space:pre"> </span>2005-05-03 17:55:20.000000000 +0100<br>+++ contrib/pf/pfctl/pfctl_parser.c<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 03:16:29.000000000 +0100<br>@@ -928,8 +928,10 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>printf(" min-ttl %d", r->min_ttl);<br> <span class="Apple-tab-span" style="white-space:pre"> </span>if (r->max_mss)<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>printf(" max-mss %d", r->max_mss);<br>-<span class="Apple-tab-span" style="white-space:pre"> </span>if (r->allow_opts)<br>+<span class="Apple-tab-span" style="white-space:pre"> </span>if (r->allow_opts & PF_ALLOWOPTS_ALL)<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>printf(" allow-opts");<br>+<span class="Apple-tab-span" style="white-space:pre"> </span>else if (r->allow_opts & PF_ALLOWOPTS_RA)<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>printf(" allow-ra-opt");<br> <span class="Apple-tab-span" style="white-space:pre"> </span>if (r->action == PF_SCRUB) {<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if (r->rule_flag & PFRULE_REASSEMBLE_TCP)<br> <span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>printf(" reassemble tcp");<br>--- sys/contrib/pf/net/pf.c.orig<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 04:12:00.000000000 +0100<br>+++ sys/contrib/pf/net/pf.c<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 04:24:48.000000000 +0100<br>@@ -6681,13 +6681,35 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span>}<br><br> done:<br>-<span class="Apple-tab-span" style="white-space:pre"> </span>if (action == PF_PASS && h->ip_hl > 5 &&<br>-<span class="Apple-tab-span" style="white-space:pre"> </span> !((s && s->allow_opts) || r->allow_opts)) {<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>action = PF_DROP;<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>REASON_SET(&reason, PFRES_IPOPTIONS);<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>log = 1;<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>DPFPRINTF(PF_DEBUG_MISC,<br>-<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> ("pf: dropping packet with ip options\n"));<br>+<span class="Apple-tab-span" style="white-space:pre"> </span>if (action == PF_PASS && h->ip_hl > 5) {<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>do {<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>/* If allow-opts is set, allow any IP option. */<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if ((s && (s->allow_opts & PF_ALLOWOPTS_ALL)) ||<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> (r->allow_opts & PF_ALLOWOPTS_ALL))<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>break;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>/*<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> * If allow-ra-opt is set, allow only the<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> * IP Router Alert option; it must be the first<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> * IP option, and its value is ignored.<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> */<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if ((s && (s->allow_opts & PF_ALLOWOPTS_RA)) ||<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> (r->allow_opts & PF_ALLOWOPTS_RA)) {<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>uint8_t opt[4];<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if (pf_pull_hdr(m, sizeof(struct ip),<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>&opt[0], sizeof(opt),<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>&action, &reason,<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>AF_INET) != NULL) {<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>if (opt[0] == IPOPT_RA &&<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> opt[1] == 4)<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>break;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>}<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>}<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>action = PF_DROP;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>REASON_SET(&reason, PFRES_IPOPTIONS);<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>log = 1;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>DPFPRINTF(PF_DEBUG_MISC,<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> ("pf: dropping packet with ip options\n"));<br>+<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>} while (0);<br> <span class="Apple-tab-span" style="white-space:pre"> </span>}<br><br> <span class="Apple-tab-span" style="white-space:pre"> </span>if (s && s->tag)<br>--- sys/contrib/pf/net/pf_ioctl.c.orig<span class="Apple-tab-span" style="white-space:pre"> </span>2007-01-04 18:31:43.000000000 +0000<br>+++ sys/contrib/pf/net/pf_ioctl.c<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 04:23:02.000000000 +0100<br>@@ -320,6 +320,7 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span>/* default rule should never be garbage collected */<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.entries.tqe_prev = &pf_default_rule.entries.tqe_next;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.action = PF_PASS;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.allow_opts = PF_ALLOWOPTS_RA;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.nr = -1;<br><br> <span class="Apple-tab-span" style="white-space:pre"> </span>/* initialize default timeouts */<br>@@ -391,6 +392,7 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span>/* default rule should never be garbage collected */<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.entries.tqe_prev = &pf_default_rule.entries.tqe_next;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.action = PF_PASS;<br>+<span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.allow_opts = PF_ALLOWOPTS_RA;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>pf_default_rule.nr = -1;<br><br> <span class="Apple-tab-span" style="white-space:pre"> </span>/* initialize default timeouts */<br>--- sys/contrib/pf/net/pfvar.h.orig<span class="Apple-tab-span" style="white-space:pre"> </span>2005-12-30 00:50:18.000000000 +0000<br>+++ sys/contrib/pf/net/pfvar.h<span class="Apple-tab-span" style="white-space:pre"> </span>2008-05-05 03:05:42.000000000 +0100<br>@@ -651,6 +651,9 @@<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> flagset;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> min_ttl;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> allow_opts;<br>+#define PF_ALLOWOPTS_ALL<span class="Apple-tab-span" style="white-space:pre"> </span>0x1<br>+#define PF_ALLOWOPTS_RA<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>0x2<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>/* IP Router Alert */<br>+#define PF_ALLOWOPTS_MASK<span class="Apple-tab-span" style="white-space:pre"> </span>0x3<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> rt;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> return_ttl;<br> <span class="Apple-tab-span" style="white-space:pre"> </span>u_int8_t<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span> tos;<br><br><br></blockquote></div><br></div></body></html>