| commit | 53730310cd53827525662c5b16ffad174361805f | |
| author | Matthew Dillon <dillon@dragonflybsd.org> | |
| Wed, 25 Apr 2007 21:55:33 +0000 (25 21:55 +0000) | ||
| committer | Matthew Dillon <dillon@dragonflybsd.org> | |
| Wed, 25 Apr 2007 21:55:33 +0000 (25 21:55 +0000) | ||
| tree | 3c496ea7c4d9c5b47936df55da7e7d7c43753e1c | treesnapshot (tar.gz zip) |
| parent | 21a8194982c5a1c5e2cfc0446003f0f3cecde9f2 | commitdiff |
IPV6 type 0 route headers are a flawed design, insecure by default, and
open hosts and networks up to DOS attacks by allowing normal router IP
filtering to be bypassed. Disable them by default.
Submitted-by: Hasso Tepper <hasso@estpak.ee>
Obtained-from: OpenBSD
open hosts and networks up to DOS attacks by allowing normal router IP
filtering to be bypassed. Disable them by default.
Submitted-by: Hasso Tepper <hasso@estpak.ee>
Obtained-from: OpenBSD
| sys/netinet6/in6_proto.c | diffblobblamehistory | |
| sys/netinet6/ip6_var.h | diffblobblamehistory | |
| sys/netinet6/route6.c | diffblobblamehistory |