RE: rp_filter (was: `attacks')
> -----Original Message-----
> From: Mark Ferlatte [mailto:firstname.lastname@example.org]
> Sent: Tuesday, June 04, 2002 1:32 PM
> To: 'debian'
> Subject: Re: attacks
> > a point I've been trying to resolve... would "2" be better?
> > What would be the implications of using it, more overhead?
> According to the docs I have available (2.4.18 kernel docs),
> there is no "2" setting for rp_filter (it's a boolean). What
> docs are you looking at?
Right off the top of my head, I don't remember where I read that.
However, I do have the following bookmarked, and even though this
doesn't say the choices are 0, 1 and 2, it does show it as a "2":
Maybe that's is where I got the idea, but I don't *think* it's the
document in question -- I seem to recall reading that 1 was reverse
path, and 2 was some kind of additional check. That was months ago
so I could be entirely wrong.
Incidentally, would you care to review the rest of my script for
correctness? ;) I have solicited folks on the debian-firewall
and netfilter lists, but no takers. It's about 7KB, FWIW.
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org