* MARK matching
@ 2002-12-14 8:49 Rocco Stanzione
0 siblings, 0 replies; only message in thread
From: Rocco Stanzione @ 2002-12-14 8:49 UTC (permalink / raw)
To: netfilter
Group:
I don't like the idea of allowing all traffic destined for the external IP on
the external interface on a machine that doubles as a firewall and a server.
But I have a webmail interface that doesn't work unless I do just that. What
I want to know is, is it valid to use the MARK target on these packets on
their way 'out' so that they can be recognized as not having been spoofed? I
haven't seen any documentation on using it like this, and I wonder if this is
a viable solution, or if anyone has a better idea.
Thanks,
Rocco
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-12-14 8:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-14 8:49 MARK matching Rocco Stanzione
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox