[899] in linux-net channel archive
Re: Reject routes
daemon@ATHENA.MIT.EDU (Bernd Eckenfels)
Mon Aug 14 01:00:42 1995
To: submit-linux-dev-net@ratatosk.yggdrasil.com
From: ukd1@rzstud1.rz.uni-karlsruhe.de (Bernd Eckenfels)
Date: 14 Aug 1995 01:19:20 GMT
Drew Eckhardt (drew@poohsticks.org) wrote:
> According to the IP firewalling docs/sources, this is possible; the code
> LOOKS like it should send an ICMP HOST UNREACHABLE but it doesn't work
> (I've tried adding it to both the blocking and forwarding chains - no
> dice in either case); instead it just blackholes packets.
There is an additional Feature in 1.3 Kernels, it is calles rejecting routes
(from BSD i guess). I have written a small patch which should cleanly patch
against every 1.2 Kernel to add this functionality to 1.2 Kernels, too. Then
you need to use my modified route-command (Patch against route-1.2) and you
can establish rejecting routes.
See ftp://ftp.inka.de/sites/lina/linux/route/README
Greetings
Bernd
BTW: Alan, my patch is also increasing the usage-counter for the rejectng
route. Perhaps you should change this in 1.3.x, too?
BEWARE: those patches are newer then the last one i have announced. The old
Patches are not compatible to 1.3.x practise.
Greetings
Bernd
-- __
(OO) -- Bernd_Eckenfels@Wittumstrasse13.76646Bruchsal.de --
( .. ) +4972573817 ecki@lina.{inka.de,ka.sub.org} ukd1@rz.uni-karlsruhe.de
o--o *QUAK* Jetzt auch mit Plueschtier in der .Sig!
(O____O) <A href=http://rzstud1.rz.uni-karlsruhe.de/~ukd1/>Eckes@IRC</A>
