RE: netfilter plugin: antispoof

Jakma, Paul (Paul.Jakma@compaq.com)
Tue, 14 Sep 1999 09:40:46 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Sergey Kubushin: "Re: 2.2.13-pre6 build failed (gcc-2.95.1)"
Previous message: Sergey Kubushin: "Re: 2.2.13-pre6 build failed (gcc-2.95.1)"

> Hi rusty,
>
> I think I just came up with a rather fun idea for a
> netfilter plugin.
>
> Basically, it terminates IP connections that it doesn't
> know of.

don't really understand. Either you accept an IP packet based on it's src
address or not, or allow a tcp connection to be made or not. Why in the case
of a tcp connection, break a connection? The IP address won't change.. if it
does it's not part of the same connection.

And if the IP address is spoofed you can't really know unless it's on the
same network as you. And anyway you should have your router disallow local
network IP's coming in from external net's anyway.

confused,

Paul Jakma.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Sergey Kubushin: "Re: 2.2.13-pre6 build failed (gcc-2.95.1)"
Previous message: Sergey Kubushin: "Re: 2.2.13-pre6 build failed (gcc-2.95.1)"