From owner-freebsd-net@FreeBSD.ORG Wed Oct 31 13:57:24 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 400C216A469; Wed, 31 Oct 2007 13:57:24 +0000 (UTC) (envelope-from matus.harvan@inf.ethz.ch) Received: from XSMTP0.ethz.ch (xsmtp0.ethz.ch [82.130.70.14]) by mx1.freebsd.org (Postfix) with ESMTP id BD19A13C4A5; Wed, 31 Oct 2007 13:57:23 +0000 (UTC) (envelope-from matus.harvan@inf.ethz.ch) Received: from xfe2.d.ethz.ch ([82.130.124.42]) by XSMTP0.ethz.ch with Microsoft SMTPSVC(6.0.3790.3959); Wed, 31 Oct 2007 14:43:49 +0100 Received: from styx.inf.ethz.ch ([129.132.74.245]) by xfe2.d.ethz.ch over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Wed, 31 Oct 2007 14:43:48 +0100 Received: by styx.inf.ethz.ch (Postfix, from userid 1001) id A660D49AC91; Wed, 31 Oct 2007 14:43:48 +0100 (CET) Date: Wed, 31 Oct 2007 14:43:48 +0100 From: Matus Harvan To: "Bruce M. Simpson" Message-ID: <20071031134348.GD1165@styx.ethz.ch> References: <20070909201152.GA18039@inf.ethz.ch> <20071026153128.GF1049@styx.ethz.ch> <4722A8DD.6060601@FreeBSD.org> <20071031004709.GB2564@styx.ethz.ch> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Km1U/tdNT/EmXiR1" Content-Disposition: inline In-Reply-To: <20071031004709.GB2564@styx.ethz.ch> User-Agent: Mutt/1.5.16 (2007-06-09) X-OriginalArrivalTime: 31 Oct 2007 13:43:48.0770 (UTC) FILETIME=[10B20020:01C81BC4] Cc: freebsd-net@freebsd.org, Brooks Davis , Max Laier Subject: Re: icmp echo_user X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Oct 2007 13:57:24 -0000 --Km1U/tdNT/EmXiR1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 31, 2007 at 01:47:09AM +0100, Matus Harvan wrote: [...] > In case icmpechouser is enabled >=20 > * should the packet be dropped if it was multicast/broadcast and > icmpbcastecho is disabled? >=20 > I guess yes. Thinking about this again, I think the bmcastecho meaning is about generating repleis rather than receiving requests. From icmp(4): bmcastecho (boolean) Enable/disable ICMP replies received via bro= ad- cast or multicast. Defaults to false. Hence, I don't think that the packet should be dropped even if icmpbcastecho is disabled. Hence, I think it would be OK to keep the 'goto raw' at the beginning (as it was in the patch I have sent) rather than moving it down to the 'goto reflect'. Matus --Km1U/tdNT/EmXiR1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHKIaU43LQWDWf0QIRAqFsAJ9DLKF2MkQQUZQL3hh8QRo0ShC9RwCffZq8 rprswlngrvlWrW9rZrfnhh0= =ceUx -----END PGP SIGNATURE----- --Km1U/tdNT/EmXiR1--