![](https://seccdn.libravatar.org/avatar/db5b81311836971d469ac3732ae96a39.jpg?s=120&d=mm&r=g)
19 Apr
2002
19 Apr
'02
12:08
Steffen Dettmer
That's true. Compared to the run of ipchains or iptables afterwards, it's even extremely inexpensive.
But why not setting a rule on bootup with "ppp+"? Why the need to rewrite firewall rules if interfaces come up or go down?
The antispoofing rules, at least, need to be rewritten when the IP address changes. -- Alan Hadsell If brute force doesn't work, you aren't using enough.