Re: ipfilter, return-icmp and RFC1122

To: tech-net%NetBSD.org@localhost
Subject: Re: ipfilter, return-icmp and RFC1122
From: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Date: Thu, 5 Jun 2008 14:49:49 -0400 (EDT)

> At the very least, I would return some kind of error for packets
> headed to port 113 (ident) as a courtesy so that people/apps don't
> have to wait for a timeout.

Yeah, but that's TCP, and you want an RST rather than an ICMP
unreachable (return-rst, I think, is the keyword).

> P.S. To anybody inclined to respond, I'm not interested in arguments
> about the usefulness of the ident protocol.

Yeah, far too many people think it's supposed to be something it's not,
and then point out - at exhausting length - how thoroughly it fails to
be that thing it's not trying to be. :-/

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse%rodents.montreal.qc.ca@localhost
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- Re: ipfilter, return-icmp and RFC1122
  - From: John Nemeth

Prev by Date: Re: ipfilter, return-icmp and RFC1122
Next by Date: Re: i82573L mtu
Previous by Thread: Re: ipfilter, return-icmp and RFC1122
Next by Thread: Re: ipfilter, return-icmp and RFC1122
Indexes:

Home | Main Index | Thread Index | Old Index