Re: Interface Envy
Hey, don't the newer kernels have builtin spoof protection.
>From http://metalab.unc.edu/mdw/HOWTO/IPCHAINS-HOWTO-5.html#ss5.7
# This is the best method: turn on Source Address Verification and get
# spoof protection on all current and future interfaces.
if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then
echo -n "Setting up IP spoofing protection..."
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 1 > $f
done
echo "done."
else
echo PROBLEMS SETTING UP IP SPOOFING PROTECTION. BE WORRIED.
Cheers,
Roland.
--
Tell me and I'll forget; show me and I may remember;
involve me and I'll understand - Chinese Proverb.
Reply to: