* MARK matching
@ 2002-12-14 8:49 Rocco Stanzione
0 siblings, 0 replies; only message in thread
From: Rocco Stanzione @ 2002-12-14 8:49 UTC (permalink / raw)
To: netfilter
Group:
I don't like the idea of allowing all traffic destined for the external IP on
the external interface on a machine that doubles as a firewall and a server.
But I have a webmail interface that doesn't work unless I do just that. What
I want to know is, is it valid to use the MARK target on these packets on
their way 'out' so that they can be recognized as not having been spoofed? I
haven't seen any documentation on using it like this, and I wonder if this is
a viable solution, or if anyone has a better idea.
Thanks,
Rocco
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-12-14 8:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-14 8:49 MARK matching Rocco Stanzione
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.