On Wednesday 05 November 2003 8:08 pm, David C. Hart wrote: > On Wed, 2003-11-05 at 14:51, Antony Stone wrote: > > On Wednesday 05 November 2003 7:31 pm, Leandro Takashi Hirano wrote: > > > Now I would like to know about the IP Spoofing rule, how does it works? > > > > > > - iptables -A INPUT -s 192.168.1.0/24 -i ! eth0 -j DROP > > > > Any packet with a source address in the Class C range 192.168.1.x which > > does not come from eth0 will be DROPped. > > Funny I was similarly confused. What happens to packets from the LAN > given that they don't originate from eth0? > > These rules assume that eth0 is your internal network, and your internal > > network range is 192.168.1.0/24. Antony. -- If you think you see a Heffalump in a trap, make sure it isn't really a Bear with an empty honey jar stuck on his head.