Date: Wed, 31 Oct 2007 14:43:48 +0100 From: Matus Harvan <mharvan@inf.ethz.ch> To: "Bruce M. Simpson" <bms@FreeBSD.org> Cc: freebsd-net@freebsd.org, Brooks Davis <brooks@freebsd.org>, Max Laier <max@love2party.net> Subject: Re: icmp echo_user Message-ID: <20071031134348.GD1165@styx.ethz.ch> In-Reply-To: <20071031004709.GB2564@styx.ethz.ch> References: <20070909201152.GA18039@inf.ethz.ch> <20071026153128.GF1049@styx.ethz.ch> <4722A8DD.6060601@FreeBSD.org> <20071031004709.GB2564@styx.ethz.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Wed, Oct 31, 2007 at 01:47:09AM +0100, Matus Harvan wrote:
[...]
> In case icmpechouser is enabled
>
> * should the packet be dropped if it was multicast/broadcast and
> icmpbcastecho is disabled?
>
> I guess yes.
Thinking about this again, I think the bmcastecho meaning is about
generating repleis rather than receiving requests. From icmp(4):
bmcastecho (boolean) Enable/disable ICMP replies received via broad-
cast or multicast. Defaults to false.
Hence, I don't think that the packet should be dropped even if
icmpbcastecho is disabled.
Hence, I think it would be OK to keep the 'goto raw' at the beginning
(as it was in the patch I have sent) rather than moving it down to the
'goto reflect'.
Matus
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQFHKIaU43LQWDWf0QIRAqFsAJ9DLKF2MkQQUZQL3hh8QRo0ShC9RwCffZq8
rprswlngrvlWrW9rZrfnhh0=
=ceUx
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071031134348.GD1165>