Update of /cvsroot/routingtools/tools/rc.d
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30327
Modified Files:
firewall
Log Message:
- changed rp_filter behavior
- made use of iptables module for using shorthand --syn instead of specifying long --tcp-flags
Index: firewall
===================================================================
RCS file: /cvsroot/routingtools/tools/rc.d/firewall,v
retrieving revision 1.27
retrieving revision 1.28
diff -C2 -d -r1.27 -r1.28
*** firewall 15 Nov 2003 13:20:54 -0000 1.27
--- firewall 13 Feb 2004 17:51:27 -0000 1.28
***************
*** 253,257 ****
echo -n " mss clamping "
! $IPTABLES -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
echo -e "$rc_done"
--- 253,257 ----
echo -n " mss clamping "
! $IPTABLES -I FORWARD -p tcp --syn -j TCPMSS --clamp-mss-to-pmtu
echo -e "$rc_done"
***************
*** 265,269 ****
kerneldevs=${IF_WORLD/+/*}
for world in `cd /proc/sys/net/ipv4/conf; ls -d $kerneldevs default`; do
! echo 1 > /proc/sys/net/ipv4/conf/$world/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/$world/log_martians
echo 0 > /proc/sys/net/ipv4/conf/$world/accept_source_route
--- 265,269 ----
kerneldevs=${IF_WORLD/+/*}
for world in `cd /proc/sys/net/ipv4/conf; ls -d $kerneldevs default`; do
! echo 2 > /proc/sys/net/ipv4/conf/$world/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/$world/log_martians
echo 0 > /proc/sys/net/ipv4/conf/$world/accept_source_route
***************
*** 345,348 ****
--- 345,352 ----
#
# $Log$
+ # Revision 1.28 2004/02/13 17:51:27 hurikhan
+ # - changed rp_filter behavior
+ # - made use of iptables module for using shorthand --syn instead of specifying long --tcp-flags
+ #
# Revision 1.27 2003/11/15 13:20:54 hurikhan
# - block unclean packets in first place so they never get forwarded to
|
