On Tue, Jun 17, 2003 at 01:36:35PM -0700, David S. Miller wrote: > I have no idea why they do this, it's the stupidest thing > you can possibly do by default. > > If we thought it was a good idea to turn this on by default > we would have done so in the kernel. > > Does anyone have some cycles to spare to try and urge whoever is > repsponsible for this in Debian to leave the kernel's default setting > alone? Sure, I can do this. But why is this stupid? It uses more CPU, but stops IP spoofing by default. Specific firewall rules would have to be created otherwise. And the overhead only really shows when the routing table is large, right? Simon- - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
