Hi,

Sun has recently released an advisory for a Solaris DoS caused by malformed IP-in-IP packets (IP proto 0). I tried to block them at my OpenBSD pf firewall with "block in quick proto ip", but the pf.conf parser specifically prohibits this:

        if (pr == 0) {
                yyerror("proto 0 cannot be used");
                YYERROR;
        }

Is there any other way of blocking IP proto 0 packets?

Thanks
- Ian

--
Ian Chard, Senior Unix and Network Gorilla | E: [EMAIL PROTECTED]
Systems and Electronic Resources Service   | T:  80587 / (01865) 280587
Oxford University Library Services         | F:          (01865) 242287
