In message <3A71BC34.F8024103@cup.hp.com> you write:
> I thought that most firewalls were supposed to be insanely paranoid.
> Perhaps it would be considered a possible covert data channel, as
> farfecthed as that may sound.
If they were `insanely paranoid' they wouldn't just be doing packet
filtering. The firewall designers can't have it both ways.
1) Dropping these packets is wrong, but it won't get fixed if noone
pressures them to. Fixing this now also makes future standards
enhancements easier, by bringing the 'net closer to compliance.
2) Sending RSTs is completely fucked up. Those firewalls are too
braindamaged to live.
Distros will probably turn ECN off, but maybe if we fix enough of the
net, later versions may not.
Rusty.
-- Premature optmztion is rt of all evl. --DK - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jan 31 2001 - 21:00:28 EST