On Wed, Jan 07, 2004 at 05:16:51PM +0100, Henrik Nordstrom wrote:
> Harald: What do you think about making the patch civilised and restricting
> the TTL to be set to lower values only eliminating the need of the above
> safeguard match? (simply change "new_ttl != iph->ttl" to "new_ttl <
> iph->ttl")

No. The most common use of the TTL target is to re-increment the ttl to 64 at the gateway. This is for br0ken ISPs that don't allow you to use a router behind your DSL line. They check if the TTL is one of the commonly-used values (32,64,128)... if it is an odd number, they drop the packet.

Yes, it is dangerous. That's why we didn't put it in the stock kernel. But still, it has valid uses :(

> Regards
> Henrik

--
- Harald Welte http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
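
The two comparisons quoted in this thread, put side by side on a raw IPv4 header, as an added example that is not part of the original messages or of the netfilter patch. The names `ttl_set`, `make_sample` and `enum ttl_policy` are hypothetical, the sample header is constructed, and the checksum fix-up uses the RFC 1624 incremental update as an assumption about how a TTL rewrite keeps the header valid.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum ttl_policy { TTL_ANY, TTL_LOWER_ONLY };

/* One's-complement helpers; the header is handled as big-endian 16-bit words. */
static uint16_t fold(uint32_t s) { while (s >> 16) { s = (s & 0xffff) + (s >> 16); } return (uint16_t)s; }
static void put_csum(uint8_t *h, uint16_t c) { h[10] = (uint8_t)(c >> 8); h[11] = (uint8_t)c; }
/* Returns 0 when the checksum stored in bytes 10-11 is valid. */
static uint16_t ip_checksum(const uint8_t *h, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)h[i] << 8) | h[i + 1];
    return (uint16_t)~fold(sum);
}

/* Constructed sample header (documentation addresses) with a valid checksum. */
static void make_sample(uint8_t h[20], uint8_t ttl)
{
    static const uint8_t tmpl[20] = { 0x45, 0, 0, 0x54, 0x12, 0x34, 0x40, 0,
                                      0, 1, 0, 0, 192, 0, 2, 1, 198, 51, 100, 7 };
    memcpy(h, tmpl, 20);
    h[8] = ttl;
    put_csum(h, ip_checksum(h, 20));
}

/* Returns 1 if the TTL (byte 8) was rewritten, 0 if the packet was left alone. */
static int ttl_set(uint8_t *h, uint8_t new_ttl, enum ttl_policy policy)
{
    uint8_t old = h[8];
    /* TTL_ANY mirrors "new_ttl != iph->ttl", TTL_LOWER_ONLY mirrors "new_ttl < iph->ttl" */
    if (policy == TTL_LOWER_ONLY ? new_ttl >= old : new_ttl == old)
        return 0;
    /* RFC 1624: HC' = ~(~HC + ~m + m'), m being the 16-bit TTL|protocol word */
    uint16_t hc = (uint16_t)((h[10] << 8) | h[11]);
    uint16_t m_old = (uint16_t)((old << 8) | h[9]);
    uint16_t m_new = (uint16_t)((new_ttl << 8) | h[9]);
    h[8] = new_ttl;
    put_csum(h, (uint16_t)~fold((uint32_t)(uint16_t)~hc + (uint16_t)~m_old + m_new));
    return 1;
}

int main(void)
{
    uint8_t h[20];
    make_sample(h, 63);
    int refused = !ttl_set(h, 64, TTL_LOWER_ONLY), raised = ttl_set(h, 64, TTL_ANY);
    printf("refused=%d raised=%d ttl=%u csum_ok=%d\n", refused, raised, h[8], ip_checksum(h, 20) == 0);
    return 0;
}
```

Under the lower-only comparison a packet's remaining hop budget can only shrink, so a forwarding loop still ends; under the `!=` comparison the same rule can hand a looping packet a fresh TTL on every pass.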