Re: kern/52074: -current npf map directive broken

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,kardel%netbsd.org@localhost
Subject: Re: kern/52074: -current npf map directive broken
From: Martin Husemann <martin%duskware.de@localhost>
Date: Thu, 11 May 2017 12:55:00 +0000 (UTC)

The following reply was made to PR kern/52074; it has been noted by GNATS.

From: Martin Husemann <martin%duskware.de@localhost>
To: Joerg Sonnenberger <joerg%bec.de@localhost>
Cc: gnats-bugs%NetBSD.org@localhost
Subject: Re: kern/52074: -current npf map directive broken
Date: Thu, 11 May 2017 14:51:51 +0200

 On Thu, May 11, 2017 at 02:19:49PM +0200, Joerg Sonnenberger wrote:
 > On Thu, May 11, 2017 at 10:47:28AM +0100, Roy Marples wrote:
 > > I agree with Robert, we shouldn't be sending packets on the wire from an
 > > address we don't own.
 > 
 > That depends. The transparent proxy case is tricky in this regard...
 
 I wonder if we should just tag the mbufs as "authorized" somehow if
 they come via a packet filter and have been NATed.
 
 Martin

Prev by Date: Re: kern/52074: -current npf map directive broken
Next by Date: Re: port-next68k/52205 (Wrong locator on zsc at intio line in dmesg)
Previous by Thread: Re: kern/52074: -current npf map directive broken
Next by Thread: Re: kern/52074: -current npf map directive broken
Indexes:

Home | Main Index | Thread Index | Old Index