Re: Network Security hole (was -> Re: arp bug )

• Next message: erich@uruk.org: "Re: Network Security hole (was -> Re: arp bug )"
• Previous message: Russell King: "Re: Network Security hole (was -> Re: arp bug )"
• In reply to: Alan Cox: "Re: Network Security hole (was -> Re: arp bug )"
• Next in thread: erich@uruk.org: "Re: Network Security hole (was -> Re: arp bug )"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

        Hello,

On Sat, 2 Mar 2002, Alan Cox wrote:

> Language confusion - "if you want to make the case" = "if you want to argue
> that a value of rp_filter = 2 should in future (after you implement it) mean
> apply a both way rule - then I agree)

        Yes, the arp_prefsrc feature can depend on rp_filter||arp_filter
but I prefer to keep it independent. And there is an agreement on netdev
that all ARP filtering issues (including the problem with shared IPs
in clusters) should be fixed by maintaining ARP hooks for universal
filtering. Then even the arp_prefsrc feature can be implemented with
proper rules. TODO. Until then, this is a temp solution.

> Alan

Regards

--
Julian Anastasov <ja@ssi.bg>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

• Next message: erich@uruk.org: "Re: Network Security hole (was -> Re: arp bug )"
• Previous message: Russell King: "Re: Network Security hole (was -> Re: arp bug )"
• In reply to: Alan Cox: "Re: Network Security hole (was -> Re: arp bug )"
• Next in thread: erich@uruk.org: "Re: Network Security hole (was -> Re: arp bug )"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Mar 07 2002 - 21:00:25 EST