[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: frag6: better limitation
On 31 January 2018 at 08:46, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:
> On Wed, Jan 31, 2018 at 08:17:36AM +0100, Maxime Villard wrote:
>> My patch is useful only if you restrict addresses in the first place. In that
>> case there is only a limited number of craftable src addresses. Typically:
>> wm0 [public side]: allow 10 IPv6 addresses
>> wm1 [local side]: allow everything
> This seems to be a very specific and rare use case ...
Would a combination of global and a per interface limit handle most of
the cases without increased DoS risk?
Main Index |
Thread Index |