Brian J. Murrell wrote: > > I guess the situation that having routefiltering and/or IP Address > Spoofing protection enabled and causing problems is escaping me. The > only situation I can think of is where a locally generated packet gets > it's source IP assigned the non-default interface address, but there are > already masq'ing rules in place to fix that up.
The problem is with incoming packets from the internet. If there isn't a 'main' default route through the incoming interface then the packets may be dropped as martians. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
