> On Sun, Dec 23, 2001 at 02:29:14AM +0300, Maxim Konovalov wrote: >> >> On 18:51+0300, Dec 21, 2001, Yar Tikhiy wrote: >> >> > I made a patch that adds the "stealthy IP options feature". >> > Honestly, now I'm afraid it's "much ado about nothing", given how >> > clumsy solution is needed for such a small problem. Even the way >> > of ignoring IP options completely when doing IPSTEALTH looks way >> > better... >> >> IMHO it is not a good idea to forward a packet with possible incorrect >> ip options.
> Forwarding a packet without decreasing its TTL may be even worse idea :-) yeah. Two routers with IPSTEALTH and wrong routing (when A-box sends a datagram to B-box and the B-box uses the default route to A-box for it) will effectively eat up the channel between them... And this is quite easy to set up... > We're breaking the standard with IPSTEALTH anyway, so to my mind the > best idea is to avoid spoiling the system code too much. >> The patch looks OK for me. > All right, if anyone else feels committing that patch of mine is > OK and tells that to me, I'll commit it. -- Igor M Podlesny a.k.a. Poige http://www.morning.ru/~poige To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
