Julian Elischer wrote: > > On Thu, 6 May 2004, Sam Leffler wrote: > > > > > For fine-grained selection packet filtering is the better solution. This is a > > simple, much lighterweight, mechanism that doesn't require touching every > > packet. > > I would only do the tests if the packet HAD an ip option.. > > either way I'm not going to scream about it.. > just my thoughts on the matter.. On a side note: Setting this sysctl to ignore does not prevent the host from generating or receiving packets with IP options on sockets. Only from adding to them when they come by. Rejecting such packets does not prevent you from sending them but certainly does from receiving them. -- AndreReceived on Thu May 06 2004 - 15:18:50 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:53 UTC