Subject: Re: CVS commit: basesrc
To: Keith Moore <moore@cs.utk.edu>
From: None <itojun@iijlab.net>
List: source-changes
Date: 03/12/2000 16:11:06
>> disallow packets to malicious 6to4 prefix, based on
>> http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
>do I understand this right? you are preventing folks from using 6to4?
No, what I've added are following items. They are:
- 6to4 address mapped from 224.0.0.0/4
- 6to4 address mapped from 127.0.0.0/8
- 6to4 address mapped from 0.0.0.0/32
- 6to4 address mapped from 255.255.255.255/32
they are pretty bogus and should not be sent to the wire from
any of IPv6 node (127.0.0.0/8 may be okay, but looks pretty strange).
itojun
# disallow packets to malicious 6to4 prefix
route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
route add -inet6 2002:7f00:0000:: -prefixlen 24 ::1 -reject
route add -inet6 2002:0000:0000:: -prefixlen 48 ::1 -reject
route add -inet6 2002:ffff:ffff:: -prefixlen 48 ::1 -reject