[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: filtering packets with unknown options
On 12-Jul-2006, at 11:33, Iljitsch van Beijnum wrote:
An alternative would be to set the contents of the option to all
zero bits, this should be easier to implement than removing the
header from the packet.
For clarity, I presume you mean set the option type in each TLV the
firewall is unhappy about (in all options extension headers that
might be present) to zero ("skip this option").
It all still smells a bit nasty, though.
Joe