[newbie] rc.firewall
rp_filter turns on Source Address Verification to provide some protection against IP spoofing attacks. rp_filter checks each packet to verify that replies to that packet would route back out the same interface it was received on. Take a look at section 15.3 of the latest Firewall and Proxy Server How-To for a little bit of code that turns on rp_filter for each interface to pick up interfaces that were added after rp_filter was initially set. I'm not sure why its done this way instead of default way Mandrake does it. - Ralph You wrote: > What does the default entry in /etc/rc.d/rc.firewall "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter" do? Or more directly - what is rp_filter?
Re: [newbie] rc.firewall
I coulnd't tell you the use of the rp_filter, but I know that I have already set up several masquerade firewall and never changed its velue. I only make sure that ip_forward is set to 1 HTH Flupke On Tue, 13 Jun 2000, Victor Richardson wrote: > I'm setting up a home cable-modem home behind a > Mandrake 7.1 box, I've > checked out the MASQ and Firewall HOWTO's and > understand them. Actually, > I used them with 6.0. Although, a few things have > changed since then. I > also searched the archives and there was only one > posting that didn't > answer this basic question; > > What does the default entry in /etc/rc.d/rc.firewall > "echo 1 > > /proc/sys/net/ipv4/conf/all/rp_filter" do? Or more > directly - what is > rp_filter? > > Do I need to include this line in the MASQ/firewall > rules provided in > the docs? > > Thanks, Victor > > > > > -- << There's no place like ~ ! >>
[newbie] rc.firewall
I'm setting up a home cable-modem home behind a Mandrake 7.1 box, I've checked out the MASQ and Firewall HOWTO's and understand them. Actually, I used them with 6.0. Although, a few things have changed since then. I also searched the archives and there was only one posting that didn't answer this basic question; What does the default entry in /etc/rc.d/rc.firewall "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter" do? Or more directly - what is rp_filter? Do I need to include this line in the MASQ/firewall rules provided in the docs? Thanks, Victor