icmp redirects on one-armed linux routers
From: dwhite
Date: Fri Jun 03 2005 - 13:13:52 EST
Just wondering, is there any reason why the patch mentioned in the
following post has not been implemented (as of kernel 2.6.11.11 it is
not)? Is it a matter of testing? Is there a better alternative to solve
the problem described in the thread?
http://oss.sgi.com/projects/netdev/archive/2004-07/msg00512.html
The current behavior (unchanged from that described in the post above) can
be problematic, for example when I want to do stateful firewalling on my
linux router. I've been applying the patch therein to recent kernels and
it seems to be doing the right thing (sends redirects only when the
redirect target is on the same subnet as the sending host).
Any thoughts?
TIA
-dave (IANAP)
ps. please cc me directly in your response :)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/