Date: Wed, 26 Jan 2000 10:35:47 -0700 From: Brett Glass <brett@lariat.org> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>, Don.Lewis@tsc.tdk.com (Don Lewis) Cc: dillon@apollo.backplane.com (Matthew Dillon), imp@village.org (Warner Losh), security@FreeBSD.ORG Subject: Re: Merged patches Message-ID: <4.2.2.20000126103426.03d34520@localhost> In-Reply-To: <200001261114.DAA74269@gndrsh.dnsmgr.net> References: <200001260011.QAA28012@salsa.gv.tsc.tdk.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 04:14 AM 1/26/2000 , Rodney W. Grimes wrote: >The short and simple answer: >ipfw add deny ip from 240.0.0.0/4 to any > >The longer answer: >Manning is not very clear on Class E space, Technically 255.255.255.255 >is a class E address, and is part of ``a range left unspecified''. Putting >your patch above in would be ``specifing'' a behavior. But yet Manning >later says: > > Note: No addresses are allowed with the four highest-order bits > set to 1-1-1-1. These addresses, called "classE", are reserved. > >Reserved means we should not be putting in hard code that effects how >they behave, IMNSO. > >Your going to have to do the short and simple answer covers to cover >the other parts of this space anyway, so you might as well only do it >one place and not create what may be a headache for someone else. How about making it a sysctl/rc.conf variable? --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000126103426.03d34520>