On Sun, 25 Sep 2016 21:19:31 -0700, Hugo Slabbert said: > Linux: > From /etc/sysctl.conf: > > # Uncomment the next two lines to enable Spoof protection (reverse-path=20 > # filter) > # Turn on Source Address Verification in all interfaces to > # prevent some spoofing attacks > net.ipv4.conf.default.rp_filter=1 > net.ipv4.conf.all.rp_filter=1 > > Unfortunately, the net.ipv6 equivalents for those do not yet seem to be a > thing on Linux.
See net/ipv6/netfilter/ip6t_rpfilter.c Also, note that a lot of net.ipv4.conf variables also apply to ipv6 (though checking the source tree, this isn't one of them, unless it's via a macro that some quick grepping didn't find...)
pgptJL_xNvOlh.pgp
Description: PGP signature
