Hi, > I just subscribed to this list, sorry, if this > question has been discussed before.
I cannot remember an earlier discussion. :) > Linux 2.4.x has a spoofing protection (rp_filter). > > Is it possible to log those packets, i.e. > run them through a netfilter table? No. > Would it be possible to run them through a > special iptable filter instead of simply > dropping them, making things more configurable? That could certainly be implemented. Can you think of other situations where the networking stack is dropping packets? If somebody sets out to implement such a thing, it would be nice to have a list of places in the list archives to point to. best regards Patrick
