The following line sets the $BCAST variable:

"BCAST=`/sbin/ifconfig $IF |grep Bcast: | cut -d : -f 3 | cut -d \\  -f 1`\n"

The Linux box is on a home LAN behind a router, so
this may be a source of some confusion to firestarter,
which perhaps expected the box to be directly
connected to the net.  That configuration would yield
an external broadcast address of 255.255.255.255.
ifconfig eth0 yields the following:

ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:41:EF:48:BB
          inet addr:192.168.2.48  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:41ff:feef:48bb/64 Scope:Link
           <*snip*>

Subsequently, netfilter-script.c adds the drop rule to
iptables based on the $BCAST variable:

"if [ \"$BCAST\" != \"\" ]; then\n"
./src/netfilter-script.c:                        "             $IPT -A INPUT -d $BCAST -j DROP\n"

I will try and make a workaround which would test the
$BCAST variable to see if it matches one of the
non-routable addresses typical on home LANs (i.e.
192.168.XXX.XXX).  If a match occurs, drop packets
whose destination is 255.255.255.255 (?) instead.
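
The workaround proposed above, sketched as an added example (not firestarter's code and not part of the original message). It reuses the message's ifconfig pipeline; the function names and the RFC 1918 range check are assumptions, and the rules are printed rather than applied.

```shell
#!/bin/sh
# Constructed sample: the ifconfig output quoted in the message, unwrapped.
SAMPLE_IFCONFIG='eth0      Link encap:Ethernet  HWaddr 00:0C:41:EF:48:BB
          inet addr:192.168.2.48  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:41ff:feef:48bb/64 Scope:Link'

# Same pipeline as the generated script, reading ifconfig output on stdin.
bcast_from_ifconfig() {
    grep Bcast: | cut -d : -f 3 | cut -d ' ' -f 1
}

# Succeeds if $1 is a dotted quad inside an RFC 1918 private range.
is_private_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # reject anything but digits and dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    case "$1" in
        10)  return 0 ;;
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] ;;
        192) [ "$2" -eq 168 ] ;;
        *)   return 1 ;;
    esac
}

# Print (do not run) the DROP rule for a detected broadcast address.
# Assumption, following the message: a private-LAN broadcast is replaced
# by the limited broadcast 255.255.255.255; anything else is used as-is.
bcast_drop_rules() {
    bcast=$1
    [ -n "$bcast" ] || return 0             # no Bcast: line, no rule
    if is_private_ipv4 "$bcast"; then
        printf '%s\n' "\$IPT -A INPUT -d 255.255.255.255 -j DROP"
    else
        printf '%s\n' "\$IPT -A INPUT -d $bcast -j DROP"
    fi
}

# Demo on the constructed sample.
bcast_drop_rules "$(printf '%s\n' "$SAMPLE_IFCONFIG" | bcast_from_ifconfig)"
```

With this substitution the subnet broadcast (192.168.2.255 here) is no longer dropped on the INPUT chain, which is the trade-off the "(?)" in the message leaves open.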





 

