I think that's a valid DoS vector, due to its efficiency.
Not the first time an invalid iptables rule can be passed and wreck things -- maybe they should consider testing them in a sandbox before applying them, rather than try to sanitize them and then apply them blindly...
I think that's a valid DoS vector, due to its efficiency.
Not the first time an invalid iptables rule can be passed and wreck things -- maybe they should consider testing them in a sandbox before applying them, rather than try to sanitize them and then apply them blindly...