also sprach Martin G.H. Minkler <[EMAIL PROTECTED]> [2004.10.21.1532 +0200]: > The basic idea was to double-latch things, if one criterium could > be spoofed the other would still hold.
Uh, ANY always holds, so it does not matter if you leave out the destination address. FWIW, destination IPs *cannot* be spoofed. Also, I am not sure you understand iptables correctly. If you specify two criteria in a rule, then they both have to hold. If you want to implement OR, you need two rules. > setups in which a LAN and a gateway with just one NIC were sharing a What's a gateway with just one NIC? -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
signature.asc
Description: Digital signature