Question #194991 on HIPL changed: https://answers.launchpad.net/hipl/+question/194991 Miika Komu posted a new comment: The current way of handling the issue conflicts with RVS and also HIPv2 when it hits the trunk. I would suggest to revert this patch from the trunk until its properly solved: revno: 6363 committer: Diego Biurrun <diego@xxxxxxxxxx> branch nick: trunk timestamp: Tue 2012-03-27 14:51:53 +0200 message: hipfw: Reject I1 packets larger than the HIP header size. By accepting I1 packets that exceed the HIP header size we would open ourselves up to cross-firewall communication. Hosts could exchange I1 packets between themselves and attach arbitrary payload after the HIP header. modified: hipfw/conntrack.c hipfw/hipfw_defines.h -- You received this question notification because you are a member of HIPL core team, which is an answer contact for HIPL.