Firewalls: Re: Re[2]: NT NAT

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Re[2]: NT NAT
From:	Ron DuFresne <dufresne @ parka . winternet . com>
Date:	Sat, 4 Jan 1997 21:06:27 -0600 (CST)
To:	Peter da Silva <peter @ baileynm . com>
Cc:	ckn @ findata . se, firewalls @ GreatCircle . COM
In-reply-to:	<9701050100 . AA02172 @ sonic . nmti . com . nmti . com>

At least the 2.0.x kernals and newer have this as a config option when 
you rebuild the kernel...

Later,

Ron DuFresne

On Sat, 4 Jan 1997, Peter da Silva wrote:

> > Do I need to care about
> > source routed packets if my upstream provider has everything configured
> > as they should?
> 
> Yes. Don't depend on a third party maintaining a configuration correctly
> for the proper operation of your firewall.
> 
> > If I am using for example Linux, would it be enough to
> > configure the linux kernel to drop source routed packets?
> 
> I don't know. It's a sysctl option in FreeBSD.
> 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

References:

Re: Re[2]: NT NAT
From: peter @ baileynm . com (Peter da Silva)

Indexed By Date	Previous:	Re: Re[2]: NT NAT From: lists @ lina . inka . de (Bernd Eckenfels)
Indexed By Date	Next:	Re: Re[2]: NT NAT From: Ron DuFresne <dufresne @ parka . winternet . com>
Indexed By Thread	Previous:	Re: Re[2]: NT NAT From: peter @ baileynm . com (Peter da Silva)
Indexed By Thread	Next:	Re: Re[2]: NT NAT From: Ambrose Li <news-misc @ mingpaoxpress . com>