Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant?

[RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-25
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Vlad Yasevich <hidden> · 2008-07-26
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · David Miller <davem@davemloft.net> · 2008-07-26
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-26
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · David Miller <davem@davemloft.net> · 2008-07-26
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-26
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Herbert Xu <herbert@gondor.apana.org.au> · 2008-07-27
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Herbert Xu <herbert@gondor.apana.org.au> · 2008-07-27
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Herbert Xu <herbert@gondor.apana.org.au> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Vlad Yasevich <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Vlad Yasevich <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Gerrit Renker <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Vlad Yasevich <hidden> · 2008-07-28
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · David Miller <davem@davemloft.net> · 2008-07-30
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Vlad Yasevich <hidden> · 2008-07-30
Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? · Herbert Xu <herbert@gondor.apana.org.au> · 2008-07-29

From: Gerrit Renker <hidden>
Date: 2008-07-28 17:44:42

| > In TCP, the 8 bytes happen to be enough for doing sequence number checks. Other
| > protocols have different header lengths and semantics. Thus doing the checks
| > at the transport layer makes more sense than in the ICMP handler.
| > 
| > RFC 1122 is almost 20 years old, from a time before IPcomp, SCTP, or DCCP.
| 
| So the suggestion really is then to remove the length check icmp_unreach()?
| 
Yes, but there are a large number of handlers in which the check is absent
(TCPv4, SCTPv4 and DCCP are exceptions). This would need to be added.

The ipv6/icmp.c code agrees with your suggestion of using 8 bytes as
lower bound.

I did not want to jump to the conclusion of writing a patch, since there are
more complex uses of ICMP (such as in a nested tunnel, perhaps with IPsec).
This needs to be understood.

Gerrit

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help