Subject: Re: illegal network routes and a ponderance
To: None <tech-net@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 02/22/2003 13:39:03
> As I read it, I became fully aware of an interesting property of
> source-routed connections.  Packets in one direction have an
> destination and source addresses which aren't just reversed source
> and destination adresses in the opposite direction.

That's right.

> Can ipfilter 'keep state' in this situation?

I don't know.  I don't use stateful ipfilter rules, so I've never had
occasion to care.  (Stateful ipfilter breaks another assumption
underlying IP, that being that intermediate routers are stateless, at
least as far as the communicating endpoints are concerned.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B