On 15 Jan 99, at 20:20, Bill Schoolcraft wrote about
"[masq] IP Spoofing help ?":
| Hello Everyone,
|...
| I tried to add the IP Spoofing rules I read in "Linux Network
| Toolkit" which is:
|
| /sbin/ipfwadm -I -a deny -V 192.168.7.1 -S 192.168.7.0/24 -D 0.0.0.0/0

Your -V option identifies your local network interface, not the
remote interface. So this rule denies all incoming packets from your
local network. That will surely impact your performance!

Since your external interface is assigned a dynamic IP, you can't use
"-V ip_addr" to identify it. You should use "-W device" instead.
For example, if your external interface is ppp0, the anti-spoofing
rule would be:

    /sbin/ipfwadm -I -a deny -W ppp0 -S 192.168.7.0/24 -D 0.0.0.0/0

IOW, deny packets coming *in* the remote interface claiming to be
from a local address.

| /sbin/ipfwadm -I -a deny -V 192.168.7.1 -S 192.168.7.1 -D 0.0.0.0/0
This rule has the same problem, but does nothing because it is a
subset of the prior rule.
| My MASQ machine being 192.168.7./1
|...
HTH...
- Fred Viles <mailto:[EMAIL PROTECTED]>
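
Added example (not part of the original message, and not ipfwadm's own code): a small Python model of the input chain that evaluates the original rules and the corrected rule against three constructed packets. The internal device name eth0, the ppp0 address 203.0.113.5, the host addresses and the default accept policy are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Packet:
    iface: str        # device the packet arrived on
    iface_addr: str   # address assigned to that device
    src: str          # claimed source address

@dataclass
class Rule:
    policy: str                     # "deny" or "accept"
    src: str                        # -S source network
    via_addr: Optional[str] = None  # -V: address of the receiving interface
    via_dev: Optional[str] = None   # -W: name of the receiving interface

    def matches(self, pkt: Packet) -> bool:
        # -D 0.0.0.0/0 matches every destination, so it is not modelled.
        if self.via_addr and pkt.iface_addr != self.via_addr:
            return False
        if self.via_dev and pkt.iface != self.via_dev:
            return False
        return ip_address(pkt.src) in ip_network(self.src)

def input_chain(rules, pkt, default="accept"):
    """First matching rule decides; otherwise the (assumed) default policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.policy
    return default

# Rules from the question: both bound to the LAN-side address with -V.
ORIGINAL = [
    Rule("deny", "192.168.7.0/24", via_addr="192.168.7.1"),
    Rule("deny", "192.168.7.1/32", via_addr="192.168.7.1"),
]
# Rule from the reply: bound to the external device with -W.
CORRECTED = [Rule("deny", "192.168.7.0/24", via_dev="ppp0")]

# Constructed sample packets (addresses and eth0 are assumptions).
PACKETS = {
    "lan_host": Packet("eth0", "192.168.7.1", "192.168.7.20"),
    "spoofed":  Packet("ppp0", "203.0.113.5", "192.168.7.20"),
    "internet": Packet("ppp0", "203.0.113.5", "198.51.100.9"),
}

def verdicts(rules):
    return {name: input_chain(rules, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    print("original :", verdicts(ORIGINAL))
    print("corrected:", verdicts(CORRECTED))
```

In this model the original rules deny the legitimate LAN host and let the spoofed packet through on ppp0, while the -W ppp0 rule does the reverse.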