Huhhhh? In fact most routers don't check the source, nor do they care, which is why certain DoS attacks that spoof source IP addresses work. IP routing today is nearly always based only on the destination address. In normal IP packet forwarding, the source and destination IP addresses of a packet don't change during router hops (MAC/physical does). Hence a router receiving packets from another router will see all sorts of source IP addresses but it will not always have an iron-clad mechanism of determining they came from a legitimate source. The only way you can tell where the previous hop was is by the physical line and/or the source MAC address (which is usually the router's interface), but of course even this can be spoofed.
However, you are correct about the default behaviour when a locally-generated packet leaves an interface in Linux. (This doesn't apply to a routed/forwarded packet.) I would probably use iptables to do what John wishes.

Regards, Martin

Martin Visser
Network Consultant - Global Services
COMPAQ, part of the new HP
3 Richardson Place
North Ryde, Sydney NSW 2113, Australia
Phone: +61-2-9022-1670
Mobile: +61-411-254-513
Fax: +61-2-9022-1800
E-mail: martin.visserAThp.com

-----Original Message-----
From: Glen Turner [mailto:[EMAIL PROTECTED]]
Sent: Friday, 28 June 2002 3:32 PM
To: slug
Subject: Re: [SLUG] Source IP address

> Is it possible to use iproute2 or something similar to use a particular
> source address when sending to a particular subnet? (2.4 kernel)

The default behaviour is for a packet exiting ethN to have the source IP address of ethN. The router on ethN is perfectly entitled to discard packets coming off that subnet which have the wrong source address (and the router should be configured to do so).

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
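
Added example, not part of the original thread: a small Python model contrasting the destination-only forwarding described in the reply with the source check described in the quoted message (a strict reverse-path test). The routing table, interface names and packets are constructed for illustration.

```python
import ipaddress

# Constructed routing table for a hypothetical router: (prefix, interface).
ROUTES = [
    ("192.168.1.0/24", "eth0"),
    ("192.168.2.0/24", "eth1"),
    ("0.0.0.0/0", "eth2"),  # default route towards the upstream
]


def lookup(addr, routes=ROUTES):
    """Longest-prefix match: return the interface used to reach addr."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def forward_destination_only(packet):
    """Ordinary forwarding: only the destination address is consulted."""
    return lookup(packet["dst"])


def forward_strict_rpf(packet):
    """Forward only if the route back to the source leaves by the arrival
    interface; otherwise drop the packet (return None)."""
    if lookup(packet["src"]) != packet["in_iface"]:
        return None
    return lookup(packet["dst"])


# Constructed packets. The second carries a source address that belongs
# to the eth1 subnet but arrives on eth0: to the router, a spoofed packet
# and a multihomed host using its "other" address look identical.
PACKETS = [
    {"src": "192.168.1.10", "dst": "203.0.113.5", "in_iface": "eth0"},
    {"src": "192.168.2.99", "dst": "203.0.113.5", "in_iface": "eth0"},
]

if __name__ == "__main__":
    for p in PACKETS:
        print(p["src"], "on", p["in_iface"],
              "| destination-only ->", forward_destination_only(p),
              "| strict RPF ->", forward_strict_rpf(p) or "DROP")
```

The second packet shows the trade-off: the source check stops a forged address, and it equally drops a legitimate multihomed host that sends from the address of a different interface.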
