First, Your return key is broken, please fix that ;)
On Tue, Mar 14, 2023 at 07:51:44PM +0100, krys...@ibse.cz wrote: > Hello everyone, > I have a question about network stack configuration in Linux. Lets assume a > Linux host with multiple network interfaces, a different ip address is set on > each interface (for example eth0: 192.168.0.1/24 and eth1: 192.168.1.1/24) > and forwarding is disabled. When another host in the network 192.168.0.0/24 > sets a default route to this host and ping to 192.168.1.1, it will get a > reply. Is there any way to prevent this behavior - meaning the first host > replies only to traffic with destination address set on input interface and > not all addresses set on the host? Something like rp_filter but for > destination addresses? Or is the only way to set up a firewall with input > interfaces and destination addresses in every rule? > This is indeed not right. Please try to ping any other host on the 192.168.1.0/24 network from 192.168.0.0/24 network. This might be just the case that the host with the two interfaces replies on any interface independent of the network. -H -- Henning Follmann | hfollm...@itcfollmann.com
