[Shorewall-users] Re: Shorewall protection against sppofing
Wed, 24 Apr 2002 05:42:35 -0700 (PDT)
On Wed, 24 Apr 2002, Dag Nygren wrote:
> I am using Shorewall here (1.2.8), and just found some
> strange bootpd access from the bootp server to itself.
> As this shouldn't happen I checked the firewall rules if
> someone pretends to be my main bootpd server from the outside.
> As the rules are fairly complicated I am not sure, but wanted to
> make sure with you that spoofing of the local addresses are automatically
> blocked ?
> It could probably be a good idea to automatically block out the
> 10.x.x.x and other addresses reserved for local networks as well (?).
That is what the 'norfc1918' interface option does.
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ firstname.lastname@example.org