Hi, I've noticed a weird behavior happening on Sequoia with DF bit:
-
On machine where SIP is disabled, when I do
/sbin/ping -D -s 1400 8.8.8.8
I do see the DF bit in wireshark -
On machine where SIP is enabled, when I do
/sbin/ping -D -s 1400 8.8.8.8
I do not see the DF bit in wireshark
The -D
flag should set the DF bit but for some reason it doesn’t if the SIP is enabled.
Perhaps there was any change in permission/entitlements mechanism in Sequoia that can explain it ? I'm using the built-in ping command so maybe it should be signed with more entitlements ?