Le 11/01/2010 17:25, Stephen Hemminger a écrit : > We could but: > 1. GTSM is trying to protect against Man in the Middle attacks to existing > BGP connections > 2. That is not what BSD (or other vendors) do.
Yes, unfortunately, I am afraid we are forced to be compatable. > >> Of course, for listeners waiting for connexions from different peers (and >> different >> ttl values), it would be tricky. >> >> Check should be done at user level, if we store ttl value of SYN packet and >> let >> user application read its value by a getsockopt() > > I think IP_RECVTTL would work for that idea. Yes, if it was extented to TCP somehow. Given this is an IP level option, check could be done at IP level, so that other protocols can use it too ? -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
