| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 05 Apr 2007 14:16:53 +0200 From: Patrick McHardy <kaber@...sh.net> To: Herbert Xu <herbert@...dor.apana.org.au> CC: Linux Netdev List <netdev@...r.kernel.org> Subject: Re: IPsec PMTUD problem Herbert Xu wrote: > On Thu, Apr 05, 2007 at 02:09:20PM +0200, Patrick McHardy wrote: > >>>One possible solution is to not send MTU errors to ourselves since >>>we it wouldn't give us any new information. We'd need to audit the >>>users of icmp_send to make sure that there isn't a legitimate case >>>where we'd want to do that. >> >>One such case is delivery of errors to sockets. We'd need to make >>sure the errors are delivered some other way. > > > Alternatively we can still send the ICMP error but avoid a PMTU > update if we received it from ourselves. That sounds easier. I'm currently working in that area anyway, I'll give it a try. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists