| To: | Pekka Savola <pekkas@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [Patch]: IPv6 Connection Tracking |
| From: | Andras Kis-Szabo <kisza@xxxxxxxxxxxxxxxx> |
| Date: | 25 Sep 2003 21:07:18 +0200 |
| Cc: | Netfilter Devel <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, Netdev <netdev@xxxxxxxxxxx>, usagi-core@xxxxxxxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.44.0309252151180.11253-100000@xxxxxxxxxx> |
| Organization: | SecurityAudit |
| References: | <Pine.LNX.4.44.0309252151180.11253-100000@xxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
Hi,
> What I fear is that in the end, nothing gets done because having the goal
> set to perfection. If there is no energy to drive through the
> L3-independent connecting tracking, the end result is that the user does
> not have this feature (remember ip6tables REJECT target? That must have
> been sitting in netfilter for some 2+ years, and not having been
> integrated in the mainline kernel and the users still do not have the
> feature!).
I have felt the same on Brad Chapman's port. That code has lost in time
:(
> > Your FTP code uses EPSV and EPRT from rfc2428. What's about the FOOBAR
> > RFC (1639)? OK, it's a joke :)
> > Could we open an IPv4 data connection next to the IPv6 controll
> > connection?
> What about LPRT and LPSV?
This is the rfc1639/foobar :)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-------------------------/ Zorp, NetFilter and IPv6
kisza@xxxxxxxxxxxxxxxx /------------------------------------------->
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH][ATM]: [ioctl][1/8] move vcc_ioctl() to ioctl.c (from levon@xxxxxxxxxxxxxxxxx), Mitchell Blank Jr |
|---|---|
| Next by Date: | Re: net/sctp/sm_make_chunk.c alignment problems on parisc64, Arnaldo Carvalho de Melo |
| Previous by Thread: | Re: [Patch]: IPv6 Connection Tracking, Pekka Savola |
| Next by Thread: | Re: [Patch]: IPv6 Connection Tracking, Pekka Savola |
| Indexes: | [Date] [Thread] [Top] [All Lists] |