Re: unclean match

To: Michael Kreilmeier <michi@kreilmeier.at>
Cc: debian-firewall@lists.debian.org
Subject: Re: unclean match
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Tue, 20 Aug 2002 14:34:40 +0200
Message-id: <[🔎] 20020820123440.GA12667@lina.inka.de>
In-reply-to: <[🔎] 1029846010.633.11.camel@z618>
References: <[🔎] 1029846010.633.11.camel@z618>

On Tue, Aug 20, 2002 at 02:20:08PM +0200, Michael Kreilmeier wrote:
> It'd be nice if somebody could tell me what kind of packets it matches
> or at least where to get some information.

it matches unclean packages. those are icmp packets with illegal types,
those are tcp packets with illegal flag combinations, it catches some common
udp length errors. it also checks for icmp error messages that enough
payload of the original packets was included to be able to verify them. You
best read the source, then you have the definitive answer.

The idea behind this is mainly for forwarding, to catch packets which would
be ignored by good host stacks anyway, and could cause harm on bad ip
implementations.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

Follow-Ups:
- Re: unclean match
  - From: Michael Kreilmeier <michi@kreilmeier.at>

References:
- unclean match
  - From: Michael Kreilmeier <michi@kreilmeier.at>

Prev by Date: Re: unclean match
Next by Date: Re: unclean match
Previous by thread: Re: unclean match
Next by thread: Re: unclean match
Index(es):
- Date
- Thread