
IP spoofing protection



I sent the following to debian-firewall, but no one reacted, so I try here.

=========================

Hai and a jolly new year,

I'm in the process of switching from pmfirewall to ipmasq. I've read
a lot, and now I'm confused :)

I thought rp_filter was supposed to prevent IP spoofing, but ipmasq
still adds rules like:

   ipchains -A input -j DENY -i ! lo -s 127.0.0.1/255.0.0.0 -l
   ipchains -A input -j DENY -i ! eth1 -s 192.168.1.1/255.255.255.0 -l

Am I correct in assuming this is only done to get the logging?

The second point of confusion is here:

   ipchains -A output -j DENY -i ! eth1 -d 192.168.1.1/255.255.255.0 -l

Is this just the routing being checked by ipchains rules?  Am I correct
in assuming this would be useless on a well-configured machine?

-- 
groetjes, carel


