SUMMARY: /dev/ip
Michael Hawk (mike@gi.net)
Fri, 09 May 1997 12:47:58 -0500 (CDT)
Hi,
My original question:
> Hi,
> Recently someone posted a question regarding limiting source routed
> packets on Solaris. This sparked my interest, so I gave it a shot.
>
> As root, I issued this command:
>
> ndd -set /dev/ip ip_forward_src_routed 0
>
> This only affects the machines ability to forward source routed packets. It
> still can receive source routed packets, though. So, if I issued this command
> on machine A, and tried a loose source traceroute to machine C from machine B,
> through machine A, A would not let it go through.
>
> You can still source route a packet through machine C to A, however.
>
> Can you make a solaris host drop any source routed packet upon receiving it?
> I didn't see any ndd options which go this far...
>
> Thanks.
>
> -mike
I received two replies.
avarvit@cc.ece.ntua.gri:
-----------------------
recommended installing the newest TCP wrappers.
davisson@emuni.com:
-------------------
recommends SOCKS 4.1.3
I guess my question was more theoretical then practical. We have a firewall
and a packet filtering router, but I was just curious about the host level.
Personally, I like TCP Wrappers a lot, but have little experience with SOCKS
to make any comparisons...
Thanks to those who replied.
-mike
----------------------------------------------------------------------------
Michael Hawk Senior Network Technician
mike@gi.net Global Internet Network Services
(402)436-3067 1-800-937-6431
-------------------------- http://www.gi.net -------------------------------