From nobody Fri Jun 14 15:20:09 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W12yt4VXfz5P2Wg
	for <freebsd-net@mlmmj.nyi.freebsd.org>; Fri, 14 Jun 2024 15:20:22 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4W12yt2F0Sz4j8t
	for <freebsd-net@freebsd.org>; Fri, 14 Jun 2024 15:20:22 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b="bXo6e/b/";
	dmarc=pass (policy=quarantine) header.from=plan-b.pwste.edu.pl;
	spf=pass (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl designates 2001:678:618::40 as permitted sender) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl
Received: from [192.168.7.70] (dom.potoki.eu [62.133.140.50])
	(authenticated bits=0)
	by plan-b.pwste.edu.pl (8.18.1/8.17.2) with ESMTPSA id 45EFK9ti060995
	(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO);
	Fri, 14 Jun 2024 17:20:09 +0200 (CEST)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl;
	s=plan-b-mailer; t=1718378410;
	bh=q4y6Nj5WEk56Vz4ub030x3gMDOCgnaiv06FspWxnT+8=;
	h=Date:Subject:To:Cc:References:From:In-Reply-To;
	b=bXo6e/b/52hCOPMZ/dsQQPVl2n9dNBlEqWapIldo2BPPHnaxtUFUkIDnBjdapJv+w
	 MlpbOXCLoI27bz6M6dXjg1GXWBUWl49p3FaxnWZvLxWiAWmuF8Al7ouGsHslcfVzAa
	 +77gxteF/7dLEWzoElJFXA2wn1IugqNrgbfYt+vbnZk0p/M4VBoAlGVheU/L1oHkoe
	 4NXFVPEv+OYX/YO453iXwEjzHjweh/NKi1qtY/dQzVW4TwLbONhtY4GB00TOifY53r
	 0yvS6BA0DtMtoicLG/eHdAFgRhhN5AZp7iZJzn345v+P2vCjp1cvazx2DFeOL+l2yB
	 SeXl87JlyrYpw==
X-Authentication-Warning: plan-b.pwste.edu.pl: Host dom.potoki.eu [62.133.140.50] claimed to be [192.168.7.70]
Content-Type: multipart/alternative;
 boundary="------------Sn4vvhXEe0g82V409dVk0uNm"
Message-ID: <bd97a749-37dd-4eb3-a951-ff7868405f25@plan-b.pwste.edu.pl>
Date: Fri, 14 Jun 2024 17:20:09 +0200
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: Discarding inbound ICMP REDIRECT by default
To: Ed Maste <emaste@freebsd.org>
Cc: freebsd-net@freebsd.org
References: <CAPyFy2CKZFf6QF1j-kWPG+3yetjNSszdCnJF=T6-hPmozheYYw@mail.gmail.com>
 <db22086a-5327-4d3f-b6ac-b5cfe630fa20@plan-b.pwste.edu.pl>
 <CAPyFy2BK6KNHqN7MTh71iPH3+uiioGXsumHOVGczx+nduM=3Ug@mail.gmail.com>
Content-Language: en-US
From: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Autocrypt: addr=zarychtam@plan-b.pwste.edu.pl; keydata=
 xsBNBFfi3cMBCADLecMTFXad4uDXqv3eRuB4qJJ8G9tzzFezeRnnwxOsPdytW5ES2z1ibSrR
 IsiImx6+PTqrAmXpTInxAi7yiZGdSiONRI4CCxKY9d1YFiNYT/2WyNXCekm9x29YeIU7x0JB
 Llbz0f/9HC+styBIu2H+PY/X98Clzm110CS+n/b9l1AtiGxTiVFj7/uavYAKxH6LNWnbkuc5
 v8EVNc7NkEcl5h7Z9X5NEtzDxTOiBIFQ/kOT7LAtkYUPo1lqLeOM2DtWSXTXQgXl0zJI4iP1
 OAu4qQYm2nXwq4b2AH9peknelvnt1mpfgDCGSKnhc26q6ibTfMwydp+tvUtQIQYpA6b9ABEB
 AAHNN01hcmVrIFphcnljaHRhIChQbGFuLWIpIDx6YXJ5Y2h0YW1AcGxhbi1iLnB3c3RlLmVk
 dS5wbD7CwHcEEwEIACEFAlfi4LkCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQHZW8
 vIFppoJXdgf8D9X3VRFSNaR9lthSx/+uqas17J3FJKBo1xMQsC2a+44vzNvYJSuPGLLJ+LW2
 HPVazjP/BWZJbxOYpliY4zxNRU0YCp0BLIVLibc//yax+mE42FND/+NiIZhqJscl6MLPrSwo
 sIwXec4XYkldkyqW/xBbBYXoIkBqdKB9j5j42Npy1IV/RizOSdmvTWY27ir8e/yGMR1RLr4F
 8P5K3OWTdlGy2H2F/3J8bIPBLG6FpaIyLQw4dHSx8V02PYqDxK1cNo2kAOnU8PnZL/AGuMOH
 iv3MN1VYL8ehcmpBBsrZGebQJxrjY2/5IaTSgp9xHYT70kshuU6Qb97vk1mOjNZxgc7ATQRX
 4t3DAQgA10h6RCXuBLMHxq5B8X/ZIlj9sgLoeyfRdDZEc9rT2KUeUJVHDsbvOFf4/7F1ovWY
 hJbA6GK/LUZeHHTjnbZcH1uDYQeHly4UOLxeEvhGoz4JhS2C7JzN/uRnwbdOAUbJr8rUj/IY
 a7gk906rktsc/Ldrxrxh7O6WO0JCh2XO/p4pDfEwwB37g4xHprSab28ECYJ9JMbtA8Sy4M55
 g3+GQ28FvSlGnx48OoGXU2BZdc1vZKSQmNOlikB+9/hDX8zdYWVfDaX1TLQ8Ib4+xTUmapza
 mV/bxIsaZRBw+jFjLQHhTbIMfPEU+4mxFDvTdbKPruKPqVf1ydgMnPZWngowdwARAQABwsBf
 BBgBCAAJBQJX4t3DAhsMAAoJEB2VvLyBaaaC6qkIAJs9sDPqrqW0bYoRfzY6XjDWQ59p9tJi
 v8aogxacQNCfAu+WkJ8PNVUtC1dlVcG5NnZ80gXzd1rc8ueIvXlvdanUt/jZd8jbb3gaDbK3
 wh1yMCGBl/1fOJTyEGYv1CRojv97KK89KP5+r8x1P1iHcSrunlDNqGxTMydNCwBH23QcOM+m
 u4spKnJ/s0VRBkw3xoKBZfZza6fTQ4gTpAipjyk7ldOGBV+PvkKATdhK2yLwuWXhKbg/GRlD
 1r5P0gxzSqfV4My+KJuc2EDcrqp1y0wOpE1m9iZqCcd0fup5f7HDsYlLWshr7NQl28f6+fQb
 sylq/j672BHXsdeqf/Ip9V4=
In-Reply-To: <CAPyFy2BK6KNHqN7MTh71iPH3+uiioGXsumHOVGczx+nduM=3Ug@mail.gmail.com>
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.88 / 15.00];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.99)[-0.992];
	DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,quarantine];
	R_SPF_ALLOW(-0.20)[+mx:c];
	R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer];
	MIME_GOOD(-0.10)[multipart/alternative,text/plain];
	ONCE_RECEIVED(0.10)[];
	XM_UA_NO_VERSION(0.01)[];
	MIME_TRACE(0.00)[0:+,1:+,2:~];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCVD_COUNT_ONE(0.00)[1];
	ARC_NA(0.00)[];
	ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL];
	TO_DN_SOME(0.00)[];
	RCVD_TLS_ALL(0.00)[];
	RCPT_COUNT_TWO(0.00)[2];
	MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
	HAS_XAW(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]
X-Rspamd-Queue-Id: 4W12yt2F0Sz4j8t

This is a multi-part message in MIME format.
--------------Sn4vvhXEe0g82V409dVk0uNm
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

W dniu 8.05.2024 o 21:14, Ed Maste pisze:
> It may make sense to apply the same default change for IPv6, but I
> don't think we need to tie the two discussions / investigations
> together.

IMHO it is important to link ICMP6 with ICMP in terms of ICMP 
redirection. I have the impression that we are neglecting the IPv6 field 
again and this is our common sin.

-- 
Marek Zarychta

--------------Sn4vvhXEe0g82V409dVk0uNm
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <div class="moz-cite-prefix">W dniu 8.05.2024 o 21:14, Ed Maste
      pisze:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAPyFy2BK6KNHqN7MTh71iPH3+uiioGXsumHOVGczx+nduM=3Ug@mail.gmail.com">
      <pre>It may make sense to apply the same default change for IPv6, but I
don't think we need to tie the two discussions / investigations
together.</pre>
    </blockquote>
    <p><span class="HwtZe" lang="en"><span class="jCAhz JxVs2d ChMk0b"><span
            class="ryNqvb">IMHO it is important to link ICMP6 with ICMP
            in terms of ICMP redirection.</span></span> <span
          class="jCAhz JxVs2d ChMk0b"><span class="ryNqvb">I have the
            impression that we are neglecting the IPv6 field again and
            this is our common sin.</span></span></span></p>
    <pre class="moz-signature" cols="72">-- 
Marek Zarychta</pre>
  </body>
</html>

--------------Sn4vvhXEe0g82V409dVk0uNm--