Subject: Re: Kill socket for certain routes
To: Steven M. Bellovin <>
From: Greg Troxel <>
List: tech-net
Date: 12/09/2006 08:29:27
Content-Transfer-Encoding: quoted-printable

"Steven M. Bellovin" <> writes:

> I have a similar need.  In particular, I have an EVDO wireless card
> which is less happy -- i.e., it often drops the call -- if it sees an
> outbound packet with an invalid source address.=20=20
> What I'd really like is an ifconfig or sysctl option preventing a
> packet from leaving an interface if the source address doesn't match.
> Since that doesn't exist, my ppp-up and ppp-down scripts manipulate my
> pf or ipf filters to do the same thing.

But what you want really is mostly a firewall feature.  I can see an
ifconfig flag to say 'only pass packets matching my src addr', though.
That would make things easier.

Content-Type: application/pgp-signature

Version: GnuPG v1.4.5 (NetBSD)