Thanks for your comments. > Um, please don't post HTML to mailing lists. It is the evil web-mail I use, which use HTML by default, no fancy formatting.
> And here's another problem: be careful with filtering in the raw > table. Filtering should be done in the filter table (which, go > figure, may be why they named it "filter".) I was just following some online examples of firewalls, for instance the one on the arch wiki: https://wiki.archlinux.org/index.php/Simple_stateful_firewall which states: This can be done with netfilter instead if statistics (and better logging) are desired: # iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP Anyway, rpfilter can only be used in the raw table, I think. By the way, filtering in iptables seems not exactly identical to rp_filter in sysctl. The one in iptables blocks messages from 0.0.0.0 to 255.255.255.255. Sysctl doesn't. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss