| To: | a.kasparas@xxxxxx (Aidas Kasparas) |
|---|---|
| Subject: | Re: [Ipsec-tools-devel] ipv4/ipv6 forwarding check |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 29 Oct 2004 17:23:53 +1000 |
| Cc: | latten@xxxxxxxxxxxxxx, ipsec-tools-devel@xxxxxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <4181EBC3.3020507@gmc.lt> |
| Organization: | Core |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.4.27-hx-1-686-smp (i686)) |
Aidas Kasparas <a.kasparas@xxxxxx> wrote: > > Meanwhile, I would like to recomend to abstain from upgrading to > anything above 2.6.9. Doesn't sound like a good idea as that's a massive security hole. Racoon with a pre-2.6.9 kernel will allow source addresses to come through the IPsec tunnel even if the violate IPsec policies. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Fw: [Bugme-new] [Bug 3657] New: downed interfaces acting as aliases, David S. Miller |
|---|---|
| Next by Date: | Re: Fw: [Bugme-new] [Bug 3657] New: downed interfaces acting as aliases, Ben Greear |
| Previous by Thread: | Re: [Ipsec-tools-devel] ipv4/ipv6 forwarding check, David S. Miller |
| Next by Thread: | Re: [Ipsec-tools-devel] ipv4/ipv6 forwarding check, Aidas Kasparas |
| Indexes: | [Date] [Thread] [Top] [All Lists] |