Date: Thu, 6 May 2004 17:35:45 -0500 From: "David W. Chapman Jr." <dwcjr@inethouston.net> To: Maxim Konovalov <maxim@macomnet.ru> Cc: Andre Oppermann <andre@freebsd.org> Subject: Re: Default behaviour of IP Options processing Message-ID: <20040506223545.GA61873@minubian.inethouston.net> In-Reply-To: <20040507020422.D94207@mp3files.int.ru> References: <200405061846.i46Ik3Jc060969@repoman.freebsd.org> <409A8EF3.5825EF0C@freebsd.org> <20040507020422.D94207@mp3files.int.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> We are using RR option all the time to track down routing asymmetry > and traceroute is not an option, ping -R is very useful in that cases. > We all know that ipfw (and I am sure all other *pf*) is able to > process ip opts quite well and personally see no point in this > sysctls. I fail to see a documentation update (inet.4 ?) as well. > > It is not clear for me why you ever ask for opinions after commit not > before. Strick "nay" if you care :-) He hasn't changed the default yet. But I think for the select few who actually use such tcp options, they can enable it. Most of the users however will not need this. I think the point that is trying to be made is that they want the default installation to be more secure and those who need these features can simply turn them on. -- David W. Chapman Jr. dwcjr@inethouston.net Raintree Network Services, Inc. <www.inethouston.net>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040506223545.GA61873>