lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Nov 2011 16:44:07 +0100 (CET) From: Jan Engelhardt <jengelh@...ozas.de> To: Hans Schillström <hans.schillstrom@...csson.com> cc: Hans Schillstrom <hans@...illstrom.com>, "kaber@...sh.net" <kaber@...sh.net>, "pablo@...filter.org" <pablo@...filter.org>, "netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: RE: [v4 PATCH 2/2] NETFILTER userspace part for target HMARK On Friday 2011-11-25 15:04, Hans Schillström wrote: > >>On Friday 2011-11-25 10:36, Hans Schillstrom wrote: >> >>>+Parameters: >>>+For all masks default is all "1:s", to disable a field use mask 0 >>>+For IPv6 it's just the last 32 bits that is included in the hash >> >>Why limit IPv6 to 32? > >Performance, and the gain of adding another 192 bits to jhash ain't much. >However there is some cases when it hurts, i.e. when you can't mask of an subnet >I'm not sure it it's a problem or not... I was thinking about the case where two particular hosts have the same trailing 32 bits in their source address. For example, assuming IPv6 starts to take a stronghold in the real world and home customers start assigning <myprefix>::1 to the little home server (i.e. the PPP endpoint) of theirs for remote login. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists