netbase: portmap and spoofprotect() Q's
- To: "Firewallers" <firstname.lastname@example.org>
- Subject: netbase: portmap and spoofprotect() Q's
- From: "Paul Tod Rieger" <email@example.com>
- Date: Wed, 24 May 2000 11:26:52 -0400
- Message-id: <firstname.lastname@example.org>
While commenting out the portmap references in /etc/init.d/netbase (Slink)
to close the SunRPC port, I noticed that the
spoofprotect() rules to "deny incoming packets pretending to be from our own
system" were commented out.
1) why is this -- because they require an IP address, don't work, or the
ipmasq rules (which I'm using) supercede them? In other words, should I add
my WAN/Internet IP and uncomment the rules? (configuration is: eth0
connects to Internet, eth1 connects to private LAN, with ipmasq in between)
2) do any services other than RPC need portmap?
Thanks for any help!