The spoofing protection prevents your network from being the source of spoofed i.e. forged communications that are often used in DoS attacks.
[root@deep] /# for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
> echo 1 > $f
> done
|
Add the above commands to the
/etc/rc.d/rc.local script file and you'll not have to type it again the next time you reboot your system.
Edit the
/etc/sysctl.conf file and add the following line:
# Enable IP spoofing protection, turn on Source Address Verification
net.ipv4.conf.all.rp_filter = 1
|
You must
restart your network for the change to take effect. The command to manually restart the network is the following:
[root@deep] /# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ]
Bringing up interface lo [ OK ]
Bringing up interface eth0 [ OK ]
Bringing up interface eth1 [ OK ]
|