>On FreeBSD -CURRENT and -STABLE, packets to broadcast addresses are not
>forwarded.
"smurf" attacks love using broadcast forwarders.
RFC 2644 says:
> A router MAY have an option to enable receiving network-prefix-
> directed broadcasts on an interface and MAY have an option to
> enable forwarding network-prefix-directed broadcasts. These
> options MUST default to blocking receipt and blocking forwarding
> of network-prefix-directed broadcasts.
So, your patch just adds the mentioned option -- which I'm fine with,
as long as the default is 0 as the RFC requires...
Bill
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
