tcp hostcache and ip fastforward for review
Damian Gerow
dgerow at afflictions.org
Wed Nov 12 19:30:21 PST 2003
I've been thinking about this all day...
Thus spake Jesper Skriver <jesper at freebsd.org> [23:53:26 11/12/03:
: > + /*
: > + * Only unicast IP, not from loopback, no L2 or IP broadcast,
: > + * no multicast, no INADDR_ANY
: > + */
: > + if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) ||
: > + (ntohl(ip->ip_src.s_addr) == (u_long)INADDR_BROADCAST) ||
:
: #jesper
: You will never see packets with a multicast source address.
Do you mean:
Any packets with a multicast source address will be dropped by the kernel
before this point, or that no host will ever send a packet with a
multicast source address?
In the former, that's fine. In the latter, how does one guarantee that
there isn't a malicious host out there sending spoofed multicast-source
packets?
- Damian
More information about the freebsd-current
mailing list