Date: Thu, 10 Feb 2005 13:19:32 +0300 From: Gleb Smirnoff <glebius@freebsd.org> To: Andre Oppermann <oppermann@networx.ch> Cc: "David G. Andersen" <dga@lcs.mit.edu> Subject: Re: Kern/73129 and 5.3-STABLE Message-ID: <20050210101932.GB21066@cell.sick.ru> In-Reply-To: <420A7712.45001B85@networx.ch> References: <20050209170802.GA39472@lcs.mit.edu> <420A4957.15E0D656@networx.ch> <20050209185828.GD39472@lcs.mit.edu> <20050209203534.GA41287@lcs.mit.edu> <420A7712.45001B85@networx.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 09, 2005 at 09:48:18PM +0100, Andre Oppermann wrote: A> The problem is with locally generated packets which go the wrong way. A> This gets nasty when the box has to generate some path MTU discovery A> ICMP message and such. What I implemented is the correct thing to do A> and prevents foot-shooting. On the other hand it prevents people from A> forwarding local ports and such. Both sides of the coin have merit A> and there is no easy deciding between them or obvious right or wrong A> choice. If it will fix said PR but break forwarding of local ports, then this is not acceptable. In this case we will have another PRs in short period. All functionality in ipfw fwd must remain present. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050210101932.GB21066>