Hey Nick, anything else is missing from me regarding this patch?
On Tue, Jun 13, 2017 at 2:20 PM, Donatas Abraitis < [email protected]> wrote: > Hey Nick, > > it must be 0, not 255. I updated it in patch attached 👍 > > Sent from my iPhone > > > On 13 Jun 2017, at 13:52, Nick Kew <[email protected]> wrote: > > > >> On Tue, 2017-06-13 at 11:41 +0300, Donatas Abraitis wrote: > >> > >> I would like to propose this patchset allowing to set maximum TTL value > for incoming requests. This is not a usual use case, but I'm interested > (maybe others too) to have this in place. The real use case would be like > this one http://blog.donatas.net/blog/2017/04/20/http-request-validation/. > > > > Thanks! I'm not sure I follow your exact scenario, but it > > looks like a modest enhancement at very low cost or risk! > > > >> TL;DR: if you want to deny requests bypassing proxy layer (in this case > Apache operates as a backend). Hence set TTLimit to 1 and Apache will be > able to handle requests coming almost from the local network, because > packets with TTL usually come from local networks. > >> > >> > >> I don't know which place is the right place to put patches, but > >> original patch is here: > >> https://bz.apache.org/bugzilla/show_bug.cgi?id=61179 > >> https://bz.apache.org/bugzilla/attachment.cgi?id=35048 > > > > That's exactly the right place. > > > > At first glance, patch looks interesting, and I'm minded to > > adopt (some version of) it for trunk. Though I think I'd > > default it to 0 (off) rather than your 255. Any other views? > > > > -- > > Nick Kew > > > > > -- Donatas
