Re: Anti-Spoofing

To: tech-net%netbsd.org@localhost
Subject: Re: Anti-Spoofing
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Mon, 5 Sep 2011 17:44:08 +0200

EF> How does the kernel deal with datagrams arriving on the wire (or
EF> on a VLAN) that have my own IP as the originating IP?
I'm afraid this question was too basic for anyone caring to answer, but it's 
somewhat queer to try out. Will such a datagram be passed up the stack?

IS> at the driver level and higher: in regular operation, it sees all multicast
IS> and broadcast originating from itself.
Does it see them once (incoming) or twice (outgoing and incoming)?
If (as I presume) it sees them twice: will ``keep state'' work on them? I.e., 
if i ``pass out keep state'' and ``block in'' them, will they pass?

And what about unicast datagrams (from me to me)?

Follow-Ups:
- Re: Anti-Spoofing
  - From: Edgar Fuß

References:
- Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: is

Prev by Date: ipfilter-implemented IPv6 source based routing crashes 5.1
Next by Date: Re: Anti-Spoofing
Previous by Thread: Re: Anti-Spoofing
Next by Thread: Re: Anti-Spoofing
Indexes:

Home | Main Index | Thread Index | Old Index