From owner-freebsd-stable Thu Feb 14 0:10:40 2002 Delivered-To: freebsd-stable@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 7D67E37B416 for ; Thu, 14 Feb 2002 00:10:33 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g1E89Ns21964; Thu, 14 Feb 2002 10:09:23 +0200 (EET) (envelope-from ru) Date: Thu, 14 Feb 2002 10:09:23 +0200 From: Ruslan Ermilov To: Cy Schubert - CITS Open Systems Group Cc: Michael Meltzer , Attila Nagy , stable@FreeBSD.ORG Subject: Re: 127/8 in ip_output.c Message-ID: <20020214100923.A21603@sunbay.com> References: <03f401c1b4bb$7f97bfa0$34f820c0@ix1x1000> <200202140030.g1E0UeV97449@cwsys.cwsent.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200202140030.g1E0UeV97449@cwsys.cwsent.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Feb 13, 2002 at 04:30:05PM -0800, Cy Schubert - CITS Open Systems Group wrote: > In message <03f401c1b4bb$7f97bfa0$34f820c0@ix1x1000>, "Michael Meltzer" > writes: > > I try it out tonight, head good things about it already, ThankYou. > > > > For what is worth, it seems the problem he is really a > > routing table issue, it seem that on FreeBSD-stable (without the code) if > > you where trying to ping 127.0.0.2 (which is not defined) the message goes > > out the default route, which is a bad thing :-) but by adding "route > > add -net 127.0.0.0 127.0.0.1 255.0.0.0" which cleaned > > this up nicely and BTW is how most interfaces handle unknow local networks > > hosts > > :-) I am sure that thier is a problem doing this (never seen local host > > route the address 127.* space, :-) but ..... > > With UNIX there are a dozen ways to solve any problem. Here is > solution #2. > > /sbin/route add -net 127.0.0.0 -netmask 255.0.0.0 -iface lo0 -blackhole > Perhaps you don't realize that this fixes only the half of the problem. The other half is the source address in -net 127: ping -S 127.1 1.2.3.4 telnet -s 127.1 1.2.3.4 The routing doesn't solve this, and firewall is optional. Cheers, -- Ruslan Ermilov Sysadmin and DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message