[LEDE-DEV] [PATCH 1/3] Remove ttl==255 restriction for queries

Bjørn Mork bjorn at mork.no
Fri Sep 29 00:52:39 PDT 2017


Note that security is the usual (only?) reason one would enforce TTL=255.
Requiring TTL=255 is the same as guaranteeing that the packet source is
in the same L2 domain.  This prevents any direct remote attack.

Please do not propose any patches removing such a restriction without at
least explaining why this can be done without negative security
implications. Thanks



Bjørn



More information about the Lede-dev mailing list