openwrt

mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-01-28 03:37:17 +01:00

History

Alin Nastac c86490605c netfilter: add iptables-mod-rpfilter package Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to become full when a packet flood with randomly selected source IP addresses is received from the lan side. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> (cherry picked from commit `d8748e537f`)	2017-12-13 16:23:38 +01:00
..
modules	netfilter: add iptables-mod-rpfilter package	2017-12-13 16:23:38 +01:00
Makefile	build: use mkhash to replace various quirky md5sum/openssl calls	2017-01-05 11:09:12 +01:00

Alin Nastac c86490605c netfilter: add iptables-mod-rpfilter package

Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw
-I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to
become full when a packet flood with randomly selected source IP addresses
is received from the lan side.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
(cherry picked from commit d8748e537f)

2017-12-13 16:23:38 +01:00

modules netfilter: add iptables-mod-rpfilter package 2017-12-13 16:23:38 +01:00

Makefile build: use mkhash to replace various quirky md5sum/openssl calls 2017-01-05 11:09:12 +01:00