[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewalling with DHCP client

Michael Wood wrote:
> Depending on exactly what it is you're doing in your script, you
> might be able to set up the rules based on the interface instead
> of the IP address.  This way you can set up the firewall rules
> on boot before you even bring up the networking and not have to
> change them when your IP address changes.

In most of the firewall examples, there are antispoofing rules at the 
beginning. And in this case, you need your IP address. However the 
kernel can check IP spoofing directly (rp_filter in 2.2) but I don't
know what it is doing exactly.


Reply to: