Protecting against spoofing with IPTABLES

To: debian-user@lists.debian.org
Subject: Protecting against spoofing with IPTABLES
From: Simon <dev@networker.co.nz>
Date: Thu, 30 Jun 2005 12:46:47 +1200
Message-id: <[🔎] 42C340F7.4040303@networker.co.nz>

Hi There,

Using debian testing with two ethernet cards.. To get eth1 (on aseperate subne) working correctly, ive had to change/proc/sys/net/ipv4/conf/eth1/rp_filter to 0. Now i need a simplesolution to protect against spoofing attacks on this interface... I havean example setup, but i want to make sure i have it correct.. cansomeone confirm for me?...


iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -N SPOOF
iptables -A SPOOF -i eth1 -j SPOOF

Is this correct - or have i got it ALL wrong.

Thanks

Simon

Reply to:

Follow-Ups:
- Re: Protecting against spoofing with IPTABLES
  - From: Jon Dowland <dowland@gmail.com>

Prev by Date: Re: Perl upgrade risks
Next by Date: MySQL setup cloning?
Previous by thread: FreePort Software
Next by thread: Re: Protecting against spoofing with IPTABLES
Index(es):
- Date
- Thread