You are absolutely right but stealth is a strictly so, I you don't want
a ttl change simply don't set
net.inet.ip.stealth=1
I was just wondering...
Joerg Pernfuss wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 24 Sep 2006 14:06:49 +0300
Anton - Valqk <[EMAIL PROTECTED]> wrote:
Hi group,
I was wondering is option
options IPSTEALTH
not in the GENERIC on purpose?
Without knowing the exact number, I am sure not decrementing the
TTL violates at least one RFC. Imagine some datacenter with lots
of FreeBSD installations and IPSTEALTH part of GENERIC.
Ideally they do their routing via FreeBSD/netgraph too.
Packets won't die, especially if they have a loop somewhere.
Joerg
- --
| /"\ ASCII ribbon | GnuPG Key ID | e86d b753 3deb e749 6c3a |
| \ / campaign against | 0xbbcaad24 | 5706 1f7d 6cfd bbca ad24 |
| X HTML in email | .the next sentence is true. |
| / \ and news | .the previous sentence was a lie. |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)
iD8DBQFFFmmOH31s/bvKrSQRAoPAAJ4wod2pT6Irr8AzhF7M4LRaXJZ7TwCdGwQi
y0kNNpGp0xG96o11YxfE2a8=
=MXk6
-----END PGP SIGNATURE-----
!DSPAM:45166995563711581215491!
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
