This is a question that I have regarding some of the "strong" rules for
IPCHAINS. I have configured MASQ and strong filtering rules. BUT...what do
the following rules do? They are recommended, but I'm unclear as to their
purpose. Could someone shed some light on it for me? (these are cut from
the trinityos document):
1.
# Reject outgoing traffic to the local net from the remote interface,
# stuffed routing; deny & log
/sbin/ipchains -A output -j REJECT -i $EXTIF -s $UNIVERSE -d $INTLAN
$LOGGING
2.
# Remote interface, claiming to be local machines, IP spoofing, get lost &
log
/sbin/ipchains -A input -j REJECT -i $EXTIF -s $INTLAN -d $UNIVERSE $LOGGING
Thanks in advance!
Pat Hayden
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
