hi: I have multiple wan port and multiple routing table in a box. the wan port should be the final destination of outside word. (eg: all the packets come from internet should have destination ip address of my wan port, there are no further routing beyond the wan ip address). rp_filter seems not work correctly under multiple routing table situation.so I need to set rp_filter to 0. I want to know if there are simple setup method to secure the wan port ? or I need to use iptables to drop the incoming packet not matching the wan interface ip? the problem is I have dynamic ppp interface, so matching the ip via iptables is a little complicated. so I want to know if there are smarter ways to do the job. thanks a lot for suggestion!! Regards, tbskyd -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
