From owner-freebsd-stable@FreeBSD.ORG Sun Sep 24 11:18:46 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A8F7116A407 for ; Sun, 24 Sep 2006 11:18:46 +0000 (UTC) (envelope-from elessar@bsdforen.de) Received: from fix.bsdforen.de (bsdforen.de [212.204.60.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2AF3A43D46 for ; Sun, 24 Sep 2006 11:18:45 +0000 (GMT) (envelope-from elessar@bsdforen.de) Received: by fix.bsdforen.de (Postfix, from userid 20000) id 90E4544A467; Sun, 24 Sep 2006 13:18:44 +0200 (CEST) Received: from localhost (localhost [127.0.0.2]) by fix.bsdforen.de (Postfix) with ESMTP id 1A82644A433; Sun, 24 Sep 2006 13:18:42 +0200 (CEST) X-Virus-Scanned: amavisd-new at bsdforen.de Received: from fix.bsdforen.de ([127.0.0.2]) by localhost (fix.bsdforen.de [127.0.0.2]) (amavisd-new, port 10024) with LMTP id JOd6HuVdH4Y3; Sun, 24 Sep 2006 13:18:41 +0200 (CEST) Received: from loki.starkstrom.lan (p54A46F66.dip.t-dialin.net [84.164.111.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by fix.bsdforen.de (Postfix) with ESMTP id 2515F44A40B; Sun, 24 Sep 2006 13:18:40 +0200 (CEST) Date: Sun, 24 Sep 2006 13:18:38 +0200 From: Joerg Pernfuss To: Anton - Valqk Message-ID: <20060924131838.23bb9ffc@loki.starkstrom.lan> In-Reply-To: <451666C9.6060902@lozenetz.org> References: <451666C9.6060902@lozenetz.org> X-Mailer: Sylpheed-Claws 2.2.3 (GTK+ 2.8.9; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit X-DSPAM-Result: Whitelisted X-DSPAM-Processed: Sun Sep 24 13:18:44 2006 X-DSPAM-Confidence: 0.9988 X-DSPAM-Probability: 0.0000 X-DSPAM-Signature: 45166994563707906521308 Cc: freebsd-stable@freebsd.org Subject: Re: ipstealth question. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Sep 2006 11:18:46 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 24 Sep 2006 14:06:49 +0300 Anton - Valqk wrote: > Hi group, > I was wondering is option > > options IPSTEALTH > > not in the GENERIC on purpose? Without knowing the exact number, I am sure not decrementing the TTL violates at least one RFC. Imagine some datacenter with lots of FreeBSD installations and IPSTEALTH part of GENERIC. Ideally they do their routing via FreeBSD/netgraph too. Packets won't die, especially if they have a loop somewhere. Joerg - -- | /"\ ASCII ribbon | GnuPG Key ID | e86d b753 3deb e749 6c3a | | \ / campaign against | 0xbbcaad24 | 5706 1f7d 6cfd bbca ad24 | | X HTML in email | .the next sentence is true. | | / \ and news | .the previous sentence was a lie. | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFFmmOH31s/bvKrSQRAoPAAJ4wod2pT6Irr8AzhF7M4LRaXJZ7TwCdGwQi y0kNNpGp0xG96o11YxfE2a8= =MXk6 -----END PGP SIGNATURE----- !DSPAM:45166994563707906521308!