aboutsummaryrefslogtreecommitdiffstats
path: root/package/kernel/ar7-atm/Makefile
diff options
context:
space:
mode:
authorAlin Nastac <alin.nastac@gmail.com>2017-06-16 14:16:07 +0200
committerJo-Philipp Wich <jo@mein.io>2017-12-13 16:23:38 +0100
commitc86490605c5511e88093d3584dc9a277afcb9d6d (patch)
treec5f2c75f096cb0de17954906739fd9ee1f8bd8ef /package/kernel/ar7-atm/Makefile
parentea23ba9a250714302e9fc21bfc52293b3cddfddd (diff)
downloadupstream-c86490605c5511e88093d3584dc9a277afcb9d6d.tar.gz
upstream-c86490605c5511e88093d3584dc9a277afcb9d6d.tar.bz2
upstream-c86490605c5511e88093d3584dc9a277afcb9d6d.zip
netfilter: add iptables-mod-rpfilter package
Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to become full when a packet flood with randomly selected source IP addresses is received from the lan side. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> (cherry picked from commit d8748e537f11ab5f2b5e2ed25d94baa5ce353984)
Diffstat (limited to 'package/kernel/ar7-atm/Makefile')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 14:03:32 +0000