icmp echo_user
Matus Harvan
mharvan at inf.ethz.ch
Wed Oct 31 06:57:24 PDT 2007
On Wed, Oct 31, 2007 at 01:47:09AM +0100, Matus Harvan wrote:
[...]
> In case icmpechouser is enabled
>
> * should the packet be dropped if it was multicast/broadcast and
> icmpbcastecho is disabled?
>
> I guess yes.
Thinking about this again, I think the bmcastecho meaning is about
generating repleis rather than receiving requests. From icmp(4):
bmcastecho (boolean) Enable/disable ICMP replies received via broad-
cast or multicast. Defaults to false.
Hence, I don't think that the packet should be dropped even if
icmpbcastecho is disabled.
Hence, I think it would be OK to keep the 'goto raw' at the beginning
(as it was in the patch I have sent) rather than moving it down to the
'goto reflect'.
Matus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20071031/861578ae/attachment.pgp
More information about the freebsd-net
mailing list