Re: Ip-spofing or Source address verification

Bernd Eckenfels (ecki@lina.inka.de)
Wed, 2 Jun 1999 02:56:24 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Stephen C. Tweedie: "Re: 2.2.9 hangs in truncate_inode_pages"
Previous message: I Lee Hetherington: "Re: Pentium III's SSE instructions"
Maybe in reply to: Jorge Novo: "Ip-spofing or Source address verification"

In article <37539EDC.9CA3620D@educanet.net> you wrote:
> With the kernel 2.2.9 i can activate the ip-spofing using the
> file rp_filter, but in the kernel 2.0.36 how i can do this?

You just add deny rules to every interface denying the source address for
all other interfaces. (with ipfwadm -I -i deny -Snet2/16 -W if1 ; ipfwadm -I
-i deny -Snet1/16 -W if2)

Greetings
Bernd

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen C. Tweedie: "Re: 2.2.9 hangs in truncate_inode_pages"
Previous message: I Lee Hetherington: "Re: Pentium III's SSE instructions"
Maybe in reply to: Jorge Novo: "Ip-spofing or Source address verification"