Jesper Skriver wrote: > On Fri, Jan 04, 2002 at 06:02:10PM -0500, Louis A. Mamakos wrote: > > One possibility is that the code in icmp_input() processing the > > PMTU discovery-induced ICMP message could verify that the returned > > header in fact is associated with a connection on the host and > > maybe even has sane sequence numbers (for TCP segments). > > The code does that today
That's why you spoof the route between the machine and the next hop, after making a *valid* connection... The only think that can get around it is an overly anal hop count comparison (which could fail, if there were multiple equivalent routes), or turning off the ICMP (which is what started this thread in the first place). -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
