On Thu, 23 Aug 2001, Harrell, Tim wrote:
What about the other stuff it spurts out like: ll: header <ethernet addr> etc? Is that in the same place? (I don't want to remove something that was there before the firewall changes).
*shrug* not sure about that one. Never seen it get printed.
Is this kernel security stuff merely related to logging? (The guide says you should get the firewall working first before enabling it).
The martian stuff is just logging, well not strictly true.. the packets also get dropped as they are unroutable. Martians are reserved IP addresses ie, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and a few other ranges. Packets from these addresses should never be seen on the internet, and should be reserved to LANs. Not sure what the other stuff we've bundled under 'kernel security' is, as I'm not too familiar with our firewall package. I should take a day out to take a look at it sometime. There are a few other options in /proc/sys, related to such things, I imagine it's just controlling those. Not all of these are related to logging, some of them can reduce the possibility of ip spoofed packets getting through etc. regards, Dave. -- | Dave Jones. http://www.suse.de/~davej | SuSE Labs