[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Resolved: locking oneself out, unroutable addresses

Pascal Hambourg <pascal.mail@plouf.fr.eu.org> writes:
> Daniel Pittman a écrit :
>>>>>>So, can anyone suggest what I should do with packets that have a
>>>>>>source address of
>>>>>Junk them -- they have no real business on your network, as
>>>>>isn't a valid assigned address on the live Internet.
>>>> Except at least when you use DHCP on your network. DHCP clients use
>>>> as a source address when issuing DHCP requests until they
>>>> get a regular address from the server.
>> Heh.  That wont help: you can't assign to an interface in
>> Linux,
>> so the DHCP client uses a "packet socket" -- reading direct from the
>> interface, bypassing the firewall.
> That sounds consistant. But what about the DHCP server side ?

It made the ISC DHCP developers very unhappy when it changed within
Linux, and I believe that the same is required on the server side
because you cannot assign as a valid source address their


Reply to: