[Dnsmasq-discuss] Problem using dnsmasq as dhcp
Archimede Pitagorico
archimede.pitagorico at mail.com
Sat Jan 7 16:57:06 GMT 2017
Thanks for your comments.
> Um, please don't post HTML to mailing lists.
It is the evil web-mail I use, which use HTML by default, no fancy formatting.
> And here's another problem: be careful with filtering in the raw
> table. Filtering should be done in the filter table (which, go
> figure, may be why they named it "filter".)
I was just following some online examples of firewalls, for instance
the one on the arch wiki:
https://wiki.archlinux.org/index.php/Simple_stateful_firewall
which states:
This can be done with netfilter instead if statistics (and better logging) are desired:
# iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP
Anyway, rpfilter can only be used in the raw table, I think.
By the way, filtering in iptables seems not exactly identical to rp_filter in sysctl.
The one in iptables blocks messages from 0.0.0.0 to 255.255.255.255. Sysctl doesn't.
More information about the Dnsmasq-discuss
mailing list