<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix"><font size="4">Hi, Tom & Paul:</font></div>
<div class="moz-cite-prefix"><font size="4"><br>
</font></div>
<div class="moz-cite-prefix"><font size="4">1) " ... </font><font
size="4"> hand waved ... ": Through my line of work, I was
trained to behave exactly the opposite. I am surprised at you
jumping to the conclusion, even before challenging me about
where did I get my viewpoint from. The fact is, it has been
clearly documented in our IETF draft for the last couple years
(since Rev-06 on 2019 Dec. 1)! For your convenience, please see
below a copy of the potential target code fragment and critique.
It appears to me that our software member suggested to comment
out only one line (1047).<br>
</font></div>
<p><font size="4"><br>
</font></p>
<p><font size="4">Regards,</font></p>
<div class="moz-cite-prefix"><font size="4"><br>
</font></div>
<div class="moz-cite-prefix"><font size="4"><br>
</font></div>
<div class="moz-cite-prefix"><font size="4">Abe (2022-03-26 18:16)
</font><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">****************<br>
</div>
<div class="moz-cite-prefix">
<pre class="newpage"><span class="h3"><a class="selflink" id="appendix-D.1" href="https://datatracker.ietf.org/doc/html/draft-chen-ati-adaptive-ipv4-address-space#appendix-D.1">D.1</a>. Candidate Code for Modification</span>
The following short JavaScript function named "ifip" in the TP-Link
Archer C20 V4 source code has been shown to selectively reject
specific ranges of IP addresses. In particular, Line 1047 uses a "2's
Complement" technique to identify the 240/4 netblock as "PRESERVED",
thus rejecting it. A quick scan of the firmware code in the router
indicates that this function is a popular utility because there are
numerous processes calling for it. So, this should be the best
candidate to start testing our concept.
lib.js:1040:ifip: function(ip, unalert) {
lib.js-1041-if ((ip = $.ip2num(ip)) === false) return $.alert(ERR_IP_FORMAT, unalert);
lib.js-1042-if (ip == -1) return $.alert(ERR_IP_BROADCAST, unalert);
lib.js-1043-var net = ip >> 24;
lib.js-1044-if (net == 0) return $.alert(ERR_IP_SUBNETA_NET_0, unalert);
lib.js-1045-if (net == 127) return $.alert(ERR_IP_LOOPBACK, unalert);
lib.js-1046-if (net >= -32 && net < -16) return $.alert(ERR_IP_MULTICAST, unalert);
lib.js-1047-if (net >= -16 && net < 0) return $.alert(ERR_IP_PRESERVED, unalert);
lib.js-1048-return 0;
lib.js-1049-},
<span class="h3"><a class="selflink" id="appendix-D.2" href="https://datatracker.ietf.org/doc/html/draft-chen-ati-adaptive-ipv4-address-space-10#appendix-D.2">D.2</a>. Proposed Modification</span>
To stop rejecting the 240/4 netblock addressed packets, below is a
modification that comments out Line 1047, a modification that has
been shown to eliminate javascript pre-validation of 240/4 IP
addresses, allowing them to be sent within the router, where a second
layer of validation rejects them in a different way.
lib.js:1040: ifip: function(ip, unalert) {
lib.js-1041- if ((ip = $.ip2num(ip)) === false) return $.alert(ERR_IP_FORMAT, unalert);
lib.js-1042- if (ip == -1) return $.alert(ERR_IP_BROADCAST, unalert);
lib.js-1043- var net = ip >> 24;
lib.js-1044- if (net == 0) return $.alert(ERR_IP_SUBNETA_NET_0, unalert);
lib.js-1045- if (net == 127) return $.alert(ERR_IP_LOOPBACK, unalert);
lib.js-1046- if (net >= -32 && net < -16) return $.alert(ERR_IP_MULTICAST, unalert);
lib.js-1047- //if (net >= -16 && net < 0) return $.alert(ERR_IP_PRESERVED, unalert);
lib.js-1048- return 0;
lib.js-1049-},
****************
</pre>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 2022-03-26 12:37, Tom Beecher wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAL9Qcx7JBq_uPgBByfVdM2rt_hbGn-Q+vpSmR11fQBeAtt9VjQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Have
you ever considered that this may be in fact:<br>
<br>
*/writing/* and */deploying/* the code that will allow the use
of 240/4 the<br>
way you expect<br>
</blockquote>
<div><br>
</div>
<div>While Mr. Chen may have considered that, he has repeatedly
hand waved that it's 'not that big a deal.', so I don't think
he adequately grasps the scale of that challenge. </div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, Mar 26, 2022 at 9:53
AM Paul Rolland <<a href="mailto:rol@witbe.net"
moz-do-not-send="true" class="moz-txt-link-freetext">rol@witbe.net</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hello,<br>
<br>
On Sat, 26 Mar 2022 09:35:30 -0400<br>
"Abraham Y. Chen" <<a href="mailto:aychen@avinta.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">aychen@avinta.com</a>>
wrote:<br>
<br>
> touching the hardware, by implementing the EzIP technique
(*/disabling/* <br>
> the program code that has been */disabling/* the use of
the 240/4 <br>
> netblock), an existing CG-NAT module becomes a RAN! As to
universal <br>
<br>
Have you ever considered that this may be in fact:<br>
<br>
*/writing/* and */deploying/* the code that will allow the use
of 240/4 the<br>
way you expect <br>
<br>
<br>
Paul<br>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
<div id="DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br />
<table style="border-top: 1px solid #D3D4DE;">
<tr>
<td style="width: 55px; padding-top: 13px;"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" alt="" width="46" height="29" style="width: 46px; height: 29px;" /></a></td>
<td style="width: 470px; padding-top: 12px; color: #41424e; font-size: 13px; font-family: Arial, Helvetica, sans-serif; line-height: 18px;">Virus-free. <a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link" target="_blank" style="color: #4453ea;">www.avast.com</a>
</td>
</tr>
</table><a href="#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"> </a></div></body>
</html>