Date: Wed, 19 Dec 2001 19:23:55 +0300 (MSK) From: Maxim Konovalov <maxim@macomnet.ru> To: Yar Tikhiy <yar@FreeBSD.ORG> Cc: net@FreeBSD.ORG, <hackers@FreeBSD.ORG> Subject: Re: Processing IP options reveals IPSTEALH router Message-ID: <20011219190533.W57795-100000@news1.macomnet.ru> In-Reply-To: <20011219181929.A20425@comp.chem.msu.su>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Yar, On 18:19+0300, Dec 19, 2001, Yar Tikhiy wrote: > Hi there, > > I ran into an absolutely clear, but year-old PR pointing out that > a router in the IPSTEALTH mode will reveal itself when processing > IP options: kern/23123. > > The fix proposed seems clean and right to me: don't do IP options > at all when in the IPSTEALTH mode. Does anyone have objections? > If no, I'll commit the fix. > First of all we should decide what IPSTEALTH is for. Is it just a Ruslan's net.inet.ip.decttl or it should really stealth the fact of the routing? If the latter how do we behave in source routing case? -- Maxim Konovalov, MAcomnet, Internet-Intranet Dept., system engineer phone: +7 (095) 796-9079, mailto: maxim@macomnet.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011219190533.W57795-100000>