On Wed, Dec 10, 2008 at 7:30 AM, Felix Frank <[EMAIL PROTECTED]> wrote:
> So I should only have a NetInfo file (as I currently do)? >> >> That being the case, why would the IP address ACLs stop working after a >> period of time, and required the AFS client to be restarted? >> > > You could probably use tcpdump to determine wether interfaces other than > the ACL'ed NIC are being used by the client. (No, it's not limited to > TCP.) > Since without a bound socket, the kernel may transmit your packets from any interface and not just the one whose IP address you permit, it's pretty likely that eventually packets will come from the wrong place. Hence the -rxbind suggestion.
