Re: Internet from Windows/NT thru Linux
On Tue, May 05, 1998 at 09:44:56AM -0400, Bill Leach wrote:
> The file '/etc/init.d/netbase' has the commands for setting up you
> IP-Masquerading. The defaults that I have seen are always to deny.
No, they don't. There are some firewall setup commands only:
# deny incoming packets pretending to be from 127.0.0.1
ipfwadm -I -d deny -o -P all -S 127.0.0.0/8 -W eth0 -D 0/0 2>/dev/null || true
ipfwadm -I -d deny -o -P all -S 127.0.0.0/8 -W eth1 -D 0/0 2>/dev/null || true
ipfwadm -I -i deny -o -P all -S 127.0.0.0/8 -W eth0 -D 0/0 >/dev/null
ipfwadm -I -i deny -o -P all -S 127.0.0.0/8 -W eth1 -D 0/0 >/dev/null
There are only these commands, and a few others, to prevent IP spoofing.
This seems to be a common misconception.
Hamish Moffatt, email@example.com, firstname.lastname@example.org, email@example.com
Latest Debian packages at ftp://ftp.rising.com.au/pub/hamish. PGP#EFA6B9D5
CCs of replies from mailing lists are welcome. http://hamish.home.ml.org
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com