Date: Mon, 27 Oct 1997 20:41:04 PST
From: Bill Fenner <fenner@parc.xerox.com>
To: Guido van Rooij <guido@freebsd.org>
Cc: cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-sys@freebsd.org
Subject: Re: cvs commit: src/sys/netinet ip_input.c
Message-ID: <97Oct27.204111pst.177487@crevenia.parc.xerox.com>
In-Reply-To: Your message of "Mon, 27 Oct 97 13:07:27 PST." <199710272107.NAA27213@freefall.freebsd.org>

Guido van Rooij <guido@FreeBSD.ORG> wrote:
> Modified files:
>   sys/netinet ip_input.c
> Log:
>   When dosourcerouting is set do not sourceoute....

Well, let's be clear about what the semantics are. Previously, they were:
"Do not allow yourself to be named as a router in a source-route, but
forward LSRR packets if you're not one of the routers in the source-route,
and accept source-routed packets if you're the ultimate destination."

Now, they are: "Do not forward any source-routed packets, but still accept
source-routed packets if you're the ultimate destination".

Are these the semantics we want? (My personal feeling is that there should
be 2 variables, one for forwarding and one for accepting).

However, there is a problem with the actual change: the "goto" bypasses the
strcpy() which gives log() something to print.

In addition, the whole log(LOG_WARNING, ...) for each packet provides a
wonderful denial of service attack (I understand this isn't new with this
commit, but it's still an issue).

  Bill
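
Added example, not part of the message above and not FreeBSD source: a user-space C model of the three points the message raises, namely separate knobs for forwarding and accepting source-routed packets, a drop path that fills the log buffer before it is printed, and a per-second cap on warnings. The names sr_forward, sr_accept, srcrt_check and LOG_BURST, the message text and the sample address are all assumptions made for illustration.

```c
#include <stdio.h>

/* Hypothetical knobs, one per behaviour as the message suggests. */
static int sr_forward = 0;  /* forward packets that carry a source route */
static int sr_accept  = 1;  /* accept them when we are the final destination */

enum verdict { SR_ACCEPT, SR_FORWARD, SR_DROP };

struct pkt {
    const char *src;  /* printable source address (constructed sample data) */
    int has_srcrt;    /* carries an LSRR/SSRR option */
    int for_us;       /* we are the ultimate destination */
};

#define LOG_BURST 5   /* warnings allowed per one-second window (assumed value) */
static long log_window = -1;
static int  log_in_window, warnings_emitted, warnings_suppressed;

/* Returns 1 if a warning may still be written in the current second. */
static int log_allowed(long now)
{
    if (now != log_window) { log_window = now; log_in_window = 0; }
    if (log_in_window < LOG_BURST) { log_in_window++; return 1; }
    warnings_suppressed++;
    return 0;
}

enum verdict srcrt_check(const struct pkt *p, long now)
{
    char buf[32];

    if (!p->has_srcrt) return p->for_us ? SR_ACCEPT : SR_FORWARD;
    if (p->for_us && sr_accept) return SR_ACCEPT;
    if (!p->for_us && sr_forward) return SR_FORWARD;
    /* Single drop path: buf is filled right here, so no jump can reach the
     * log call with an unset buffer, and the limiter bounds the log volume. */
    snprintf(buf, sizeof buf, "%s", p->src);
    if (log_allowed(now)) {
        warnings_emitted++;
        fprintf(stderr, "source-routed packet from %s dropped\n", buf);
    }
    return SR_DROP;
}

int main(void)
{
    struct pkt flood = { "192.0.2.7", 1, 0 };  /* constructed transit packet */
    for (int i = 0; i < 100; i++) srcrt_check(&flood, 1000);
    printf("emitted=%d suppressed=%d\n", warnings_emitted, warnings_suppressed);
    return 0;
}
```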