From: Cody Tubbs <tubbs@wispdirect.com>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: ipv4options still broken (posted prev w/ no reply)...
Date: Wed, 31 May 2006 12:02:10 -0700 [thread overview]
Message-ID: <1149102130.6167.20.camel@mbox> (raw)
In-Reply-To: <447DE2F3.8090104@trash.net>
Or maybe possibly restrain from presuming every system or device on the
market today handles these options accordingly, and acting as if I'm
ignorant for even bringing it up. You vent via arrogant remarks, same
bowl, different soup. But indeed, you do have the ability to ignore,
the same ability you used before when responding to this thread
regarding the true topic at hand. Nothing you quoted me on was in my
initial emails, the first one yesterday, or the one two weeks ago'ish.
Only post your arrogance.
Also, like Patrick stated, we appreciate the work, but being treated
ignorantly when stating bugs to a dev list is uncalled for. Period.
Bottom line is, it would be nice to -j LOG these options passing through
or attempting to be passed through a bridged firewall. It details
malicious activity, thus deterring that fact into a presumption that "I
most likely have more serious problems" was blatantly absurd.
-Cody Tubbs
On Wed, 2006-05-31 at 20:39 +0200, Patrick McHardy wrote:
> Cody Tubbs wrote:
> > What about in a bridged firewall situation, you're saying Linux will
> > strip these ip options out while forwarding? automatically? Is this
> > something that can be turned on or off?
> >
> > but oh wait, I forgot...
> > Why does tcpdump show these ip options still attached even when not
> > forwarding? :) (latest kernel) heh++
>
> I never said anything about stripping, but you're right that bridging
> will happily forward them.
>
> > On the contrary, you simply asked me who still supports these ip options
> > and I gave you a minimal list, thus if giving you an answer is annoying,
> > this thread must be an act of pissing in the wind.
>
> Its very simple, just keep things like "101 something", "root of
> stupidity" and "heh++" to yourself and you'll make a much better
> impression. Until then I choose to ignore you.
>
next prev parent reply other threads:[~2006-05-31 19:02 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1149033568.27117@www.broadwayinternet.com>
2006-05-30 23:46 ` ipv4options still broken (posted prev w/ no reply) Patrick McHardy
2006-05-31 4:54 ` Patrick Schaaf
2006-05-31 13:55 ` Patrick McHardy
2006-05-31 17:45 ` Cody Tubbs
2006-05-31 18:39 ` Patrick McHardy
2006-05-31 19:02 ` Cody Tubbs [this message]
2006-06-01 3:25 ` Patrick McHardy
2006-05-30 17:47 Cody Tubbs
2006-05-30 19:22 ` Patrick McHardy
2006-05-30 21:16 ` Cody Tubbs
2006-05-30 23:05 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1149102130.6167.20.camel@mbox \
--to=tubbs@wispdirect.com \
--cc=kaber@trash.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.