SUMMARY: /dev/ip

Michael Hawk (mike@gi.net)
Fri, 09 May 1997 12:47:58 -0500 (CDT)

Hi,
My original question:

> Hi,
> Recently someone posted a question regarding limiting source routed
> packets on Solaris. This sparked my interest, so I gave it a shot.
>
> As root, I issued this command:
>
> ndd -set /dev/ip ip_forward_src_routed 0
>
> This only affects the machines ability to forward source routed packets. It
> still can receive source routed packets, though. So, if I issued this command
> on machine A, and tried a loose source traceroute to machine C from machine B,
> through machine A, A would not let it go through.
>
> You can still source route a packet through machine C to A, however.
>
> Can you make a solaris host drop any source routed packet upon receiving it?
> I didn't see any ndd options which go this far...
>
> Thanks.
>
> -mike


I received two replies.

avarvit@cc.ece.ntua.gri:
-----------------------
recommended installing the newest TCP wrappers.

davisson@emuni.com:
-------------------
recommends SOCKS 4.1.3

I guess my question was more theoretical then practical. We have a firewall
and a packet filtering router, but I was just curious about the host level.
Personally, I like TCP Wrappers a lot, but have little experience with SOCKS
to make any comparisons...

Thanks to those who replied.

-mike

----------------------------------------------------------------------------
Michael Hawk Senior Network Technician
mike@gi.net Global Internet Network Services
(402)436-3067 1-800-937-6431
-------------------------- http://www.gi.net -------------------------------