>> >> Some stacks will allow TCP connection to be established to the broadcast
>> >> address configured on any given interface.
>> >...
>> >It's true that this doesn't catch packets that are sent by Ethernet
>> >unicast to the IP broadcast address.  I'm not sure what the prevailing
>> >opinion on this is, but we should probably filter such packets.
>> 
>> i'm of the opinion that something somewhere ought to be checking that
>> the layer two address matches the layer three address in type, ie
>> unicast, broadcast, multicast, (or anycast).
>> 
>> this however, would probably be decidedly non-trivial, and rather
>> expensive.
>
>Not to mention it would actually break DHCP.

do you mean with the initial packet that the client sends?  or
something else?  i was only postulating checking the dst addresses.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."