[LEDE-DEV] [PATCH 1/3] Remove ttl==255 restriction for queries
Bjørn Mork
bjorn at mork.no
Fri Sep 29 00:52:39 PDT 2017
Note that security is the usual (only?) reason one would enforce TTL=255.
Requiring TTL=255 is the same as guaranteeing that the packet source is
in the same L2 domain. This prevents any direct remote attack.
Please do not propose any patches removing such a restriction without at
least explaining why this can be done without negative security
implications. Thanks
Bjørn
More information about the Lede-dev
mailing list