If you ask me, everyone should have this enabled; indeed, I think Debian does by default. However, there are some cases where you should. These involve having a "multihomed" internet connection, for instance if you have one of those satellite links where your outgoing data goes out a modem/ISDN connection and your inbound comes down a sat-link (almost all sat connections work this way).

Cheers
Nix

At 06:44 PM 15/09/2000, you wrote:
Hi, how well does "Source Address Verification" work by making the following setting?
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$f"; done
What does the rp_filter do & how does it work?
Can it cause any problems with your IPCHAINS rules?
Thanks in advance
Steven
Example: you have eth0 (192.168.0.1) as the internal network interface and eth1 (4.4.4.4) as the external iface.
rp_filter rejects packets with a source of 192.168.0/24 if they arrive on eth1.
More generally: It rejects incoming packets if the interface address that it arrives on does not match the respective routing table entry.
Roman.
--
Roman Drahtmüller, SuSE GmbH - Security
Nürnberg, Germany, Phone: +49-911-740530
"Caution: Cape does not enable user to fly." (Batman Costume warning label)
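
The check described in this thread, as an added example that is not part of the original messages: a simplified Python model of the strict reverse-path test, run against the eth0/eth1 setup from the reply and against an asymmetric satellite setup like the one mentioned in the first message. The interface names ppp0 and sat0, the routing tables and the 198.51.100.9 address are constructed for illustration.

```python
import ipaddress

# Constructed routing table for the setup in the reply:
# eth0 is the internal 192.168.0.0/24 network, eth1 carries the default route.
ROUTES = [
    ("192.168.0.0/24", "eth0"),
    ("0.0.0.0/0", "eth1"),
]

# Constructed asymmetric setup (hypothetical names): outbound traffic leaves
# via the modem (ppp0), inbound traffic arrives on the satellite link (sat0).
SAT_ROUTES = [
    ("192.168.0.0/24", "eth0"),
    ("0.0.0.0/0", "ppp0"),
]


def lookup(routes, addr):
    """Longest-prefix match: return the interface used to reach addr."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def rp_filter_accepts(routes, src, in_iface):
    """Strict reverse-path check: accept a packet only if the route back
    to its source address leaves through the interface it arrived on."""
    return lookup(routes, src) == in_iface


if __name__ == "__main__":
    cases = [
        ("internal source arriving on external iface", ROUTES, "192.168.0.7", "eth1"),
        ("internal source arriving on internal iface", ROUTES, "192.168.0.7", "eth0"),
        ("Internet source arriving on external iface", ROUTES, "198.51.100.9", "eth1"),
        ("Internet source arriving on sat downlink", SAT_ROUTES, "198.51.100.9", "sat0"),
    ]
    for label, routes, src, iface in cases:
        verdict = "accept" if rp_filter_accepts(routes, src, iface) else "drop"
        print(f"{label}: src={src} in={iface} -> {verdict}")
```

The last case shows the multihomed caveat: legitimate inbound traffic on the satellite link fails the check because the route back to its source points at the modem interface.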