EAFNOSUPPORT can de-facto be returned by sendto() but it isn't documented. 13.1
(In reply to Yuri Victorovich from comment #0) In which cases could that happen, both theoretically and (considering that there was no EAFNOSUPPORT error from the socket(2) that presumably happened earlier) in practice? Recipient address/protocol family (implicit in send, explicit in sendto) different from sender address/protocol family?
(In reply to PauAmma from comment #1) This happens when the address type doesn't match the socket type.
(In reply to Yuri Victorovich from comment #2) Unless I misunderstand you, you're saying more tersely the same thing I was reaching for in "Recipient address/protocol family (implicit in send, explicit in sendto) different from sender address/protocol family?". (Perhaps "different from" should be "incompatible with".) I'd use "Destination address family incompatible with protocol set for sending socket" for the error description and, to follow the same order as share/examples/mdoc/example.3, insert it after EMSGSIZE. Does that sound right?
(In reply to PauAmma from comment #3) I agree. I just accidentally hit this error due to a programming mistake and reported it here as missing in docs. In my case the address supplied to sendto() was garbage. Yuri
I was just hit by this bug also, as it crashes my IPS: suricata[13989]: [105773] <Warning> -- [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Address family not supported by protocol family suricata[13989]: [105588] <Error> -- [ERRCODE: SC_ERR_FATAL(171)] - thread W-8677 failed This happens every time at the moment when an SMTP connection via IPv6 switches to STARTTLS. (I can do it manually in telnet: the connection builds up normally, and after I type in STARTTLS on the client side, the crash happens.) I do not see why the protocol family of an active tcp session on port 25 would change when deciding to do TLS. For now I have changed the IPS to ignore this errorcode, and apparently that helps - a mail went through successfully, with no anomalies visible in tcpdump. I'll attach my patch on security/suricata
Created attachment 235009 [details] patch on port security/suricata