| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAF0Lin0xTW4oQ0OQaTzJhoS6XV3nbb8yZx8jDMAcGyJo9zTs9A@mail.gmail.com> Date: Fri, 13 Sep 2013 09:21:42 +0200 From: Andy Johnson <johnsonzjo@...il.com> To: netdev@...r.kernel.org Subject: ICMP rate limiting in IPv4 but not in IPv6 Hello, I am trying to understand the difference between ICMP rate limiting in IPv4 and in IPv6. In IPv4 we have the ability to rate limit ICMPv4 while in IPv6 we do not have this ability. To be more code-oriented: The icmpv4_xrlim_allow() method does inspect the rate mask, (net->ipv4.sysctl_icmp_ratemask) whereas the icmpv6_xrlim_allow() method does not inspect the rate mask. I do not understand why, for example, we can rate limit ICMPv4 messages of Echo Reply and not rate limit ICMPv6 messages of Echo Reply. See: icmp_ratemask and icmp_ratelimit in Documentation/networking/ip-sysctl.txt I believe there is some reason behind it (adding checking of rate mask seems to me trivial). I try to figure out the reason behind this but I did not find anything reasonable, Does anybody happen to know ? Regards, Andy -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists