From owner-freebsd-hackers Wed Dec 21 14:47:00 1994 Return-Path: hackers-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id OAA23737 for hackers-outgoing; Wed, 21 Dec 1994 14:47:00 -0800 Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id WAA23727 for ; Wed, 21 Dec 1994 22:46:57 GMT Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.8/jtpda-5.0) with SMTP id XAA04971 for ; Wed, 21 Dec 1994 23:47:13 +0100 Received: by blaise.ibp.fr (4.1/SMI-4.1) id AA00587; Wed, 21 Dec 94 23:47:35 +0100 Received: (from roberto@localhost) by keltia.frmug.fr.net (8.6.9/keltia-uucp-1.21) id XAA09764 for freebsd-hackers@FreeBSD.ORG; Wed, 21 Dec 1994 23:41:33 +0100 From: Ollivier Robert Message-Id: <199412212241.XAA09764@keltia.frmug.fr.net> Subject: Source routing To: freebsd-hackers@freebsd.org (FreeBSD Hackers' list) Date: Wed, 21 Dec 1994 23:41:32 +0100 (MET) Reply-To: roberto@hsc.fr.net (Ollivier Robert) X-Mailer: ELM [version 2.4 PL23] Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Content-Length: 494 Sender: hackers-owner@freebsd.org Precedence: bulk Now that we have a packet filtering package, I think it would be a good security point if source routed packets could be dropped or logged with a corresponding sysctl variable... net.inet.ip.sourceroute maybe ? Refusing source routed packets is a strong security point. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net FreeBSD keltia 2.1.0-Development #0: Sun Dec 11 20:52:22 1994 roberto@keltia:/usr/src/sys/compile/KELTIA i386 ctm#218