Re: CVS commit: basesrc

To: Keith Moore <moore%cs.utk.edu@localhost>
Subject: Re: CVS commit: basesrc
From: itojun%iijlab.net@localhost
Date: Sun, 12 Mar 2000 16:11:06 +0900

>> disallow packets to malicious 6to4 prefix, based on
>> http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
>do I understand this right?  you are preventing folks from using 6to4?

        No, what I've added are following items.  They are:
        - 6to4 address mapped from 224.0.0.0/4
        - 6to4 address mapped from 127.0.0.0/8
        - 6to4 address mapped from 0.0.0.0/32
        - 6to4 address mapped from 255.255.255.255/32
        they are pretty bogus and should not be sent to the wire from
        any of IPv6 node (127.0.0.0/8 may be okay, but looks pretty strange).

itojun


# disallow packets to malicious 6to4 prefix
route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
route add -inet6 2002:7f00:0000:: -prefixlen 24 ::1 -reject
route add -inet6 2002:0000:0000:: -prefixlen 48 ::1 -reject
route add -inet6 2002:ffff:ffff:: -prefixlen 48 ::1 -reject

Follow-Ups:
- Re: CVS commit: basesrc
  - From: Keith Moore

References:
- Re: CVS commit: basesrc
  - From: Keith Moore

Prev by Date: Re: CVS commit: basesrc
Next by Date: Re: CVS commit: basesrc
Previous by Thread: Re: CVS commit: basesrc
Next by Thread: Re: CVS commit: basesrc
Indexes:

Home | Main Index | Thread Index | Old Index