From owner-cvs-all Wed Feb 21 1:39:35 2001 Delivered-To: cvs-all@freebsd.org Received: from freesbee.wheel.dk (freesbee.wheel.dk [193.162.159.97]) by hub.freebsd.org (Postfix) with ESMTP id 1B20D37B65D; Wed, 21 Feb 2001 01:39:27 -0800 (PST) (envelope-from jesper@skriver.dk) Received: by freesbee.wheel.dk (Postfix, from userid 1001) id 9F27F3E68; Wed, 21 Feb 2001 10:39:25 +0100 (CET) Date: Wed, 21 Feb 2001 10:39:25 +0100 From: Jesper Skriver To: Ruslan Ermilov Cc: Jonathan Lemon , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet ip_input.c Message-ID: <20010221103925.G93678@skriver.dk> References: <200102202131.f1KLVmD90813@freefall.freebsd.org> <20010221105306.D32098@sunbay.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010221105306.D32098@sunbay.com>; from ru@FreeBSD.org on Wed, Feb 21, 2001 at 10:53:06AM +0200 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Feb 21, 2001 at 10:53:06AM +0200, Ruslan Ermilov wrote: > On Tue, Feb 20, 2001 at 01:31:48PM -0800, Jesper Skriver wrote: > > jesper 2001/02/20 13:31:48 PST > > > > Modified files: > > sys/netinet ip_input.c > > Log: > > Send a ICMP unreachable instead of dropping the packet silent, if we > > receive a packet not for us, and forwarding disabled. > > > > PR: kern/24512 > > Reviewed by: jlemon > > Approved by: jlemon > > This violates Host Requirements RFC 1122. In section 3.2.1.3, we read: Oups, what about - even if it violates the rfc, it's quite usefull in some corner cases - it's something we use locally here, so I suggest leaving it in, but disabled by default, and with the warning, ok ? /Jesper Index: ip_input.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.153 diff -u -r1.153 ip_input.c --- ip_input.c 2001/02/20 21:31:47 1.153 +++ ip_input.c 2001/02/21 09:35:31 @@ -124,9 +124,9 @@ &ip_keepfaith, 0, "Enable packet capture for FAITH IPv4->IPv6 translater daemon"); -int ip_send_unreach = 1; +int ip_send_unreach = 0; SYSCTL_INT(_net_inet_ip, OID_AUTO, send_unreach, CTLFLAG_RW, &ip_send_unreach, - 0, "Send ICMP unreach when packet not for us rx, and forwarding disabled"); + 0, "Send ICMP unreach when packet not for us rx, and forwarding disabled, note violate rfc1122 section 3.2.1.3"); #ifdef DIAGNOSTIC static int ipprintfs = 0; @@ -592,6 +592,9 @@ /* * If we receive a packet not for us, and forwarding disabled * send a ICMP host unreachable back to the source. + * + * Note: violate rfc1122 section 3.2.1.3, therefor disabled + * by default. */ if (ip_send_unreach) icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0); /Jesper -- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: FreeBSD committer @ AS2109 (A much smaller network ;-) One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message