>>>>> "sudog" == sudog  <sudog@sudog.com> writes:
    sudog> You should cc: this to the list so a recent message is in the
    sudog> archives. I saw some brief info dated ages ago that talked about
    sudog> per-interface default routes. is there any reason why this hasn't been
    sudog> committed? Should I ask tech-net?

  Paul Vixie did them.
  The syn cookie changes the structure so that those patches do not work.

  Doing it again isn't hard, I just never took the time since testing it
requires a bit of effort in the setup department.

    sudog> On Sun, 12 Aug 2001, Michael Richardson wrote:

    >> Date: Sun, 12 Aug 2001 11:47:25 -0400
    >> From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
    >> To: sudog@sudog.com
    >> Subject: Re: connection comes in fxp0 but response goes out fxp1 help?
    >> 
    >> 
    >> It sounds like you need per-interface default routes.
    >> 
    >> There is some code on ftp.vix.com, but that doesn't work on post 1.4.
    >> I keep trying to hack it back into shape, but keep running out of time.
    >> 
    >> ]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
    >> ]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
    >> ] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
    >> ] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [
    >>