Date: Wed, 12 Mar 2003 14:37:54 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: Sean Hamilton <sh@bel.bc.ca> Cc: hackers@freebsd.org Subject: Re: IP addresses of bridge interfaces Message-ID: <20030312143754.GA54896@walton.maths.tcd.ie> In-Reply-To: <000601c2e813$9d849650$d1d7e8d8@slugabed.org> References: <000601c2e813$9d849650$d1d7e8d8@slugabed.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 11, 2003 at 01:17:25PM -0800, Sean Hamilton wrote: > I recently upgraded a FreeBSD 4.6.2 bridge to 5.0, and am having troubles > with how it handles IP addresses. This problem is due to a rather contraversial change, where packets are only accepted to addressed to the interface they are recieved on if: net.inet.ip.check_interface=1 This was left off in -stable, but was turned on by default in -current 'cos some people felt it was a security hole. There was a rather long thread about it when it was committed, and it was discussed on bugtraq at some length. If you need to disable it, you should be able to do: net.inet.ip.check_interface=0 in /etc/sysctl.conf. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030312143754.GA54896>