redhat-config-securitylevel question
Dax Kelson
Dax at GuruLabs.com
Wed Oct 1 18:29:35 UTC 2003
On Wed, 2003-10-01 at 12:01, Bill Nottingham wrote:
> Pekka Pietikainen (pp at ee.oulu.fi) said:
> > I noticed redhat-config-securitylevel got the following change, and
> > was wondering about the rationale (bug 104561 seemed to be marked
> > private last time I checked)
> >
> > * Thu Sep 18 2003 Bill Nottingham <notting at redhat.com> 1.2.8-1
> >
> > - allow ICMP in general (#104561)
> >
> > I was under the impression the previous version which allowed echo and
> > --state RELATED,ESTABLISHED allows all the icmp traffic that is necessary to
> > be a Good Internet Citizen (tm), but obviously there was some case
> > it didn't cover :-)
>
> The bug reprot was about 'need-to-fragment' messages, among others.
need-to-fragment is the only one that matters, really.
AFAIK "RELATED" matches it. Like I said, I'm going to setup a test
topology to verify it with my own eyes. I haven't yet done it yet. Maybe
next week.
Dax Kelson
Guru Labs
More information about the fedora-test-list
mailing list