NOTA BENE: This message is entirely my opinion and should not be taken
as anything else!

> 	NetBSD ships with 'net.inet.ip.forwsrcrt = 1'.  This means it
> 	will forward source routed packets.

This is as it should be.  Source routes are in IP for a reason, and
they're useful in some cases (most cases where I've wished for them
have been fault isolation debugging).  Yes, it's unfortunate that there
are a lot of hosts out there that handle them wrong, but that's not the
fault of source routes and breaking source routes is the wrong fix.

Granted, there are environments where shooting the messenger..er,
refusing to forward source routed packets, is desirable, mostly if you
are stuck with a vendor OS and the usual vendor "support" and hence
_can't_ fix the broken hosts.  This is why we should have an option to
turn off such forwarding.  It is not a reason to ship with that option
enabled by default.

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B