Nov 17 2011

Linux Reverse Path Filtering (IPv4)

By default routers “route” everything, even packets which ‘obviously’ don’t belong on your network. A common example is private IP space escaping onto the Internet.
Lots of people want to turn this behaviour off; the method for doing so is called “Reverse Path Filtering”.
Basically, if the reply to a packet wouldn’t go out the interface the packet came in on, the packet is bogus and should be ignored.
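A simplified model of the check just described, as an added example that is not from the original post. The routing table, interface names and packets are constructed for illustration, and the last packet shows the known side effect that legitimate traffic arriving over an asymmetric path is dropped as well.

```python
import ipaddress

# Constructed routing table for a small router: (destination prefix, outgoing interface).
ROUTES = [
    ("192.168.1.0/24", "eth0"),   # internal LAN
    ("198.51.100.0/24", "eth2"),  # partner network reached over a second uplink
    ("0.0.0.0/0", "eth1"),        # default route via the main uplink
]


def reply_interface(src, routes=ROUTES):
    """Interface a reply to `src` would leave by (longest-prefix match), or None."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def rpf_accept(src, in_iface, routes=ROUTES):
    """Accept only if the reply to `src` would go out the interface the packet came in on."""
    return reply_interface(src, routes) == in_iface


# Constructed packets: (source address, arrival interface, note).
PACKETS = [
    ("192.168.1.10", "eth0", "LAN host arriving from the LAN"),
    ("192.168.1.10", "eth1", "LAN source arriving from the uplink (spoofed)"),
    ("10.9.8.7", "eth0", "private space that does not belong on this LAN"),
    ("203.0.113.9", "eth1", "Internet host arriving on the uplink"),
    ("198.51.100.4", "eth1", "partner host arriving by the other path (asymmetric)"),
]

if __name__ == "__main__":
    for src, iface, note in PACKETS:
        verdict = "accept" if rpf_accept(src, iface) else "drop"
        print(f"{src:13} in {iface}, reply via {reply_interface(src)}: {verdict:6} ({note})")
```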
