[OT] Re: rp_filtering
Jan Engelhardt
jengelh at linux01.gwdg.de
Mon Jul 11 20:18:38 CEST 2005
>> That means someone could send a srcip=192.168.222.1 dstip=217.245.127.134
>> packet to me on ippp0, could it? Or where is the verification...
>
>No, because you cannot use a Linux box own IP as source of a packet
Whoops, meant srcip=192.168.222.34
>received on any other interface than lo. If you do this, packet will be
>discarded.
>
>BTW, what's the relation with Netfilter ?
It's about filtering.
I probably need to add a filter rule for ippp0 to prevent this case.
Jan Engelhardt
--
More information about the netfilter-devel
mailing list