netbase: portmap and spoofprotect() Q's

To: "Firewallers" <debian-firewall@lists.debian.org>
Subject: netbase: portmap and spoofprotect() Q's
From: "Paul Tod Rieger" <prie@abl.com>
Date: Wed, 24 May 2000 11:26:52 -0400
Message-id: <000101bfc594$7c9da0c0$0404a8c0@electra.abl.com>

While commenting out the portmap references in /etc/init.d/netbase (Slink)
to close the SunRPC port, I noticed that the
spoofprotect() rules to "deny incoming packets pretending to be from our own
system" were commented out.

1) why is this -- because they require an IP address, don't work, or the
ipmasq rules (which I'm using) supercede them?  In other words, should I add
my WAN/Internet IP and uncomment the rules?  (configuration is: eth0
connects to Internet, eth1 connects to private LAN, with ipmasq in between)

2) do any services other than RPC need portmap?

Thanks for any help!

Tod
abl.com

Reply to:

Follow-Ups:
- Re: netbase: portmap and spoofprotect() Q's
  - From: Seth Vidal <skvidal@phy.duke.edu>

Prev by Date: Is anyone using or planning to package DeleGate (http://www.delegate.org/)
Next by Date: Re: netbase: portmap and spoofprotect() Q's
Previous by thread: Is anyone using or planning to package DeleGate (http://www.delegate.org/)
Next by thread: Re: netbase: portmap and spoofprotect() Q's
Index(es):
- Date
- Thread