Date: Fri, 21 Jan 2000 19:59:12 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Giorgos Keramidas <charon@hades.hell.gr> Cc: Brett Glass <brett@lariat.org>, Warner Losh <imp@village.org>, Darren Reed <avalon@coombs.anu.edu.au>, security@FreeBSD.ORG Subject: Re: stream.c worst-case kernel paths Message-ID: <200001220359.TAA66907@apollo.backplane.com> References: <200001210417.PAA24853@cairo.anu.edu.au> <200001210642.XAA09108@harmony.village.org> <200001212321.PAA64674@apollo.backplane.com> <4.2.2.20000121163937.01a51dc0@localhost> <20000122044638.B27337@hades.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
:So what needs to be done is:
:
:(a) drop all multicast packets that reach the tcp stack.
:(b) extend ICMP_BANDLIM to RST packets, and
:(c) avoid sending anything tcp to a multicast address
:
:Do I forget something here?
:
:-- Giorgos
That's pretty much it. I've already sent a patch set to Warner for (b).
I don't think we should do (a) or (c) until after the release, multicast
isn't going to explode on us in the next 4 months.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001220359.TAA66907>