Re: rp_filter (was: `attacks')
On Tue, Jun 04, 2002 at 07:01:17PM -0400, Jeff Bonner wrote:
> > > a point I've been trying to resolve... would "2" be better?
> > > What would be the implications of using it, more overhead?
> > According to the docs I have available (2.4.18 kernel docs),
> > there is no "2" setting for rp_filter (it's a boolean). What
> > docs are you looking at?
> Right off the top of my head, I don't remember where I read that.
> However, I do have the following bookmarked, and even though this
> doesn't say the choices are 0, 1 and 2, it does show it as a "2":
>
> http://www.linuxdoc.org/HOWTO/Adv-Routing-HOWTO-13.html
>
> Maybe that's is where I got the idea, but I don't *think* it's the
> document in question -- I seem to recall reading that 1 was reverse
> path, and 2 was some kind of additional check. That was months ago
> so I could be entirely wrong.
This is one difference between the 2.2 and 2.4 Linux Kernels. 2.2
knows 0, 1, 2 (see Documentation/networking/ip-sysctl.txt in source
tree), but 2.4 knows only 0 and 1. Same file in the source.
--
Ciao, Arne.
,``ò. OpenBSD - Debian GNU/Linux - Solaris -o)
>( ç@ GPG 1024D/913C2F81 2000-10-11 Arne P. Boettger <apb@createx.de> /\\
',,,' Fingerprint = 6ED9 9A64 CD8A EB6F D841 0391 2F08 8F86 913C 2F81 _\_V
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: