Date: Wed, 21 Feb 2001 10:39:25 +0100 From: Jesper Skriver <jesper@skriver.dk> To: Ruslan Ermilov <ru@FreeBSD.org> Cc: Jonathan Lemon <jlemon@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet ip_input.c Message-ID: <20010221103925.G93678@skriver.dk> In-Reply-To: <20010221105306.D32098@sunbay.com>; from ru@FreeBSD.org on Wed, Feb 21, 2001 at 10:53:06AM %2B0200 References: <200102202131.f1KLVmD90813@freefall.freebsd.org> <20010221105306.D32098@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 21, 2001 at 10:53:06AM +0200, Ruslan Ermilov wrote: > On Tue, Feb 20, 2001 at 01:31:48PM -0800, Jesper Skriver wrote: > > jesper 2001/02/20 13:31:48 PST > > > > Modified files: > > sys/netinet ip_input.c > > Log: > > Send a ICMP unreachable instead of dropping the packet silent, if we > > receive a packet not for us, and forwarding disabled. > > > > PR: kern/24512 > > Reviewed by: jlemon > > Approved by: jlemon > > This violates Host Requirements RFC 1122. In section 3.2.1.3, we read: Oups, what about - even if it violates the rfc, it's quite usefull in some corner cases - it's something we use locally here, so I suggest leaving it in, but disabled by default, and with the warning, ok ? /Jesper Index: ip_input.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.153 diff -u -r1.153 ip_input.c --- ip_input.c 2001/02/20 21:31:47 1.153 +++ ip_input.c 2001/02/21 09:35:31 @@ -124,9 +124,9 @@ &ip_keepfaith, 0, "Enable packet capture for FAITH IPv4->IPv6 translater daemon"); -int ip_send_unreach = 1; +int ip_send_unreach = 0; SYSCTL_INT(_net_inet_ip, OID_AUTO, send_unreach, CTLFLAG_RW, &ip_send_unreach, - 0, "Send ICMP unreach when packet not for us rx, and forwarding disabled"); + 0, "Send ICMP unreach when packet not for us rx, and forwarding disabled, note violate rfc1122 section 3.2.1.3"); #ifdef DIAGNOSTIC static int ipprintfs = 0; @@ -592,6 +592,9 @@ /* * If we receive a packet not for us, and forwarding disabled * send a ICMP host unreachable back to the source. + * + * Note: violate rfc1122 section 3.2.1.3, therefor disabled + * by default. */ if (ip_send_unreach) icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0); /Jesper -- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: FreeBSD committer @ AS2109 (A much smaller network ;-) One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010221103925.G93678>