Re: handle overlapping IPv6 fragments

2012-01-12 Thread Simon Perreault
On 01/12/2012 03:39 AM, Fernando Gont wrote: Do we want this in our stack although it is not an RFC yet? Or perhaps only in pf for extra security? I should note that an RFC can take at least a year to publish (if ever). We should not wait for an RFC. We should wait for a consensus to emerge.

Re: handle overlapping IPv6 fragments

2012-01-12 Thread Fernando Gont
On 01/11/2012 12:16 AM, Alexander Bluhm wrote:
> On Tue, Jan 10, 2012 at 07:51:03PM -0300, Fernando Gont wrote:
>> On 01/10/2012 01:20 PM, Alexander Bluhm wrote:
>>> Implement RFC 5722 and drop all IPv6 fragments that belong to a
>>> packet with overlapping fragments.
>>
>> FWIW, you may be interes

Re: handle overlapping IPv6 fragments

2012-01-10 Thread Alexander Bluhm
On Tue, Jan 10, 2012 at 07:51:03PM -0300, Fernando Gont wrote:
> On 01/10/2012 01:20 PM, Alexander Bluhm wrote:
> > Implement RFC 5722 and drop all IPv6 fragments that belong to a
> > packet with overlapping fragments.
>
> FWIW, you may be interested in this one, too:
> http://tools.ietf.org/id/dr

Re: handle overlapping IPv6 fragments

2012-01-10 Thread Fernando Gont
On 01/10/2012 01:20 PM, Alexander Bluhm wrote:
> Implement RFC 5722 and drop all IPv6 fragments that belong to a
> packet with overlapping fragments.

FWIW, you may be interested in this one, too:
http://tools.ietf.org/id/draft-gont-6man-ipv6-atomic-fragments-00.txt

Thanks,
--
Fernando Gont e-mai

handle overlapping IPv6 fragments

2012-01-10 Thread Alexander Bluhm
Hi,

Implement RFC 5722 and drop all IPv6 fragments that belong to a
packet with overlapping fragments.

ok?

bluhm

Index: netinet6/frag6.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/frag6.c,v retrieving revision 1.39 di