I sent the following to debian-firewall, but no one reacted, so I try here.

=========================
Hi and a jolly new year,

I'm in the process of switching from pmfirewall to ipmasq. I've read a lot, and now I'm confused :)

I thought rp_filter was supposed to prevent IP spoofing, but ipmasq still adds rules like:

    ipchains -A input -j DENY -i ! lo -s 127.0.0.1/255.0.0.0 -l
    ipchains -A input -j DENY -i ! eth1 -s 192.168.1.1/255.255.255.0 -l

Am I correct in assuming this is only done to get the logging?

The second point of confusion is here:

    ipchains -A output -j DENY -i ! eth1 -d 192.168.1.1/255.255.255.0 -l

Is this just the routing being checked by ipchains rules? Am I correct in assuming this would be useless on a well-configured machine?

-- 
greetings,
carel