Re: teardrop and Linux as a router

B. James Phillippe (bryan@Terran.ORG)
Sun, 23 Nov 1997 01:23:52 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bill Hawes: "Re: smbfs timestamps"
Previous message: Niels Kristian Bech Jensen: "Re: Sharing IRQs between the first 4 serial ports."
In reply to: Marcelo Mercio Dandrea: "teardrop and Linux as a router"
Next in thread: ralf@uni-koblenz.de: "Re: teardrop and Linux as a router"

On Sat, 22 Nov 1997, Marcelo Mercio Dandrea wrote:

> Hello There,
>
> Its possible to patch the kernel to not only be resistent to
> teardrop ip frags but also, when the machine has Ip_forwarding compiled
> in, dump these frags instead of passing them along ?
> Sorry if its already this way.
>

Compile with ALWAYS_DEFRAG turned on. You need this for firewalls that
use transparent proxies (you probably always want it on for firewalls
anyway).

cheers,
-bp

--
B. James Phillippe <bryan@Terran.ORG>
UNIX, Linux, networks, C, Perl, Java, etc.

Next message: Bill Hawes: "Re: smbfs timestamps"
Previous message: Niels Kristian Bech Jensen: "Re: Sharing IRQs between the first 4 serial ports."
In reply to: Marcelo Mercio Dandrea: "teardrop and Linux as a router"
Next in thread: ralf@uni-koblenz.de: "Re: teardrop and Linux as a router"