[LEDE-DEV] [PATCH 1/3] Remove ttl==255 restriction for queries

Syrone Wong wong.syrone at gmail.com
Fri Sep 29 01:28:26 PDT 2017


The sad truth is it has been pushed via
https://github.com/lede-project/source/commit/00e9a7aacb66b3f00df2002e8210bdb5086d2e0c


Best Regards,
Syrone Wong


On Fri, Sep 29, 2017 at 3:52 PM, Bjørn Mork <bjorn at mork.no> wrote:
> Note that security is the usual (only?) reason one would enforce TTL=255.
> Requiring TTL=255 is the same as guaranteeing that the packet source is
> in the same L2 domain.  This prevents any direct remote attack.
>
> Please do not propose any patches removing such a restriction without at
> least explaining why this can be done without negative security
> implications. Thanks
>
>
>
> Bjørn
>
> _______________________________________________
> Lede-dev mailing list
> Lede-dev at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/lede-dev



More information about the Lede-dev mailing list