Firewalls: Re: IP

Firewalls
(March 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: IP_FORWARDING
From:	John Hawkinson <jhawk @ panix . com>
Date:	Sun, 13 Mar 1994 14:20:03 -0500 (EST)
To:	jim @ Tadpole . COM (Jim Thompson)
Cc:	firewalls @ greatcircle . com, jmc @ ksu . ksu . edu, verber @ parc . xerox . com
In-reply-to:	<9403131722 . AA13649 @ chiba . tadpole . com> from "Jim Thompson" at Mar 13, 94 11:22:06 am

> ip_forward() (the function in the kernel that forwards IP packets (e.g.
> they're not destined for *THIS* machine) does this:
> 
> 	if ((ip_forwarding != 1) && !source_routed_ok()) {
> 		/* drop this packet */
> 	}
> 
> source_routed_ok() checks to see if the packet is going out over the
> interface it came *IN ON*.  You can't source-route through a machine
> where ip_forwarding is set to anything other than '1'.


Is source_routed_ok() called whenever a source routed packet is
received  (not for forwarding, just normal receipt)? If so,
can one inhibit source routed packets from being processed by
replacing _source_routed_ok in ip_input.o with a stub
that returns 0?


--
John Hawkinson
jhawk @
 panix .
 com

References:

Re: IP_FORWARDING
From: jim @ Tadpole . COM (Jim Thompson)

Indexed By Date	Previous:	Re: IP_FORWARDING From: jim @ Tadpole . COM (Jim Thompson)
Indexed By Date	Next:	Re: IP_FORWARDING From: jim @ Tadpole . COM (Jim Thompson)
Indexed By Thread	Previous:	Re: IP_FORWARDING From: jim @ Tadpole . COM (Jim Thompson)
Indexed By Thread	Next:	Re: IP_FORWARDING From: jim @ Tadpole . COM (Jim Thompson)