in filter.inc, the initial ruleset for ipf contains the following line:
block in $log quick all with ipopts
this line currently blocks IGMP multicast packets, so i've succesfully
removed it from filter.inc.
hower, my reason for this email is to check why incoming packets with IP
options are blocked by default, and what implications have i opened up by
removing this rule ? or rather, what was the reasoning behind adding this
rule in ?
--
---------------------------------------------------------------------
Dinesh Nair <dinesh at qubeconnect dot com> Tel: +60 3 8991 0088
Founder/Technology Direct: +60 3 8991 0099
QubeConnect Sdn Bhd Fax: +60 3 8994 2000
---------------------------------------------------------------------
--
Regards, /\_/\ "All dogs go to heaven."
dinesh at alphaque dot com (0 0) http://www.openmalaysiablog.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do |
| for b in clients employers associates relatives neighbours pets; do |
| echo "The opinions here in no way reflect the opinions of my $a $b." |
| done; done |
+=========================================================================+ | 