[Redirected to -net]
On Thu, Feb 14, 2002 at 11:39:37AM -0500, Garrett Wollman wrote:
> <<On Thu, 14 Feb 2002 11:09:41 +0200, Ruslan Ermilov <[EMAIL PROTECTED]> said:
> > ping -s 127.1 126.96.36.199
> > telnet -S 127.1 188.8.131.52
> If someone explicitly overrides source-address selection, they are
> presumed to know WTF they are doing, and the kernel should not be
> trying to second-guess them.
That "someone" could be a bad guy playing dirty games with your box and
certainly knowing what he's doing. :-)
So far, noone gave me a real example where using of net 127 outside
loopback would be useful. If there such an example exists, we should
wrap all three checks into a sysctl, including ip_input(), ip_output(),
and in_canforward() parts, where ip_input() exists for almost a year,
and in_canforward() existed since 1987.
Ruslan, who just wants a consistency here.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message