iptables drop fake ip packets

1

I'm trying to drop all packets from the internet that use a fake IP address so they appear to come locally.

Do I need both lines or only the first?

--append INPUT ! --in-interface lo --source 127.0.0.0/8 --jump DROP

--append INPUT ! --in-interface lo --destination 127.0.0.0/8 --jump DROP

Joy Werey

Posted 2011-06-02T20:53:11.520

Reputation: 11

You should consider setting /proc/sys/net/ipv4/conf/all/rp_filter. See here http://www.linuxsecurity.com/content/view/111337/65/ for a description.

– ceving – 2011-06-03T17:56:23.660

Answers

0

You could use both; neither should exist really, so blocking shouldn't hurt.

I'd also add rules for blocking non-routing IPs coming from outside your network.

Rich Homolka

Posted 2011-06-02T20:53:11.520

Reputation: 27 121
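The following is an added example, not code from anyone in this thread. It combines the suggestions above: an audit of the effective rp_filter value per interface, and a generator that emits the question's two loopback rules plus DROP rules for non-routable sources on the Internet-facing interface. The function names, the optional conf-directory argument, and the choice of private and link-local ranges as the meaning of "non-routing IPs" are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Print "<iface> <effective rp_filter>" for each interface.
# Per the kernel's ip-sysctl documentation, source validation on an
# interface uses the maximum of conf/all/rp_filter and
# conf/<iface>/rp_filter (0 = off, 1 = strict, 2 = loose).
# $1: conf directory (optional, so the audit can run against a test tree).
rp_filter_effective() {
    root=${1:-/proc/sys/net/ipv4/conf}
    [ -r "$root/all/rp_filter" ] || { echo "no rp_filter under $root" >&2; return 1; }
    all=$(cat "$root/all/rp_filter")
    for dir in "$root"/*; do
        iface=${dir##*/}
        case "$iface" in all|default) continue ;; esac
        [ -r "$dir/rp_filter" ] || continue
        val=$(cat "$dir/rp_filter")
        if [ "$all" -gt "$val" ]; then val=$all; fi
        echo "$iface $val"
    done
}

# Emit iptables-restore lines: the question's two loopback rules, plus
# DROP rules for private and link-local sources arriving on the
# Internet-facing interface ($1).
# Caveat: skip the extra rules if that interface sits behind a NAT router
# and legitimately receives traffic from a private range.
antispoof_rules() {
    wan=$1
    case "$wan" in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid interface name" >&2; return 1 ;;
    esac
    echo "--append INPUT ! --in-interface lo --source 127.0.0.0/8 --jump DROP"
    echo "--append INPUT ! --in-interface lo --destination 127.0.0.0/8 --jump DROP"
    # Assumed reading of "non-routing IPs": RFC 1918 and RFC 3927 ranges.
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16; do
        echo "--append INPUT --in-interface $wan --source $net --jump DROP"
    done
}
```

An interface reported with an effective value of 0 has no reverse-path check at all, so on that interface the iptables rules are the only spoofing filter.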