IP Spoofing protection may cause ZXTM Appliance to drop valid traffic

The ZXTM Appliance uses the rp_filter module to protect against IP packet spoofing from local networks. This module drops traffic that arrives on an unexpected interface, so it stops an attacker on one network from spoofing packets that appear to come from a different network.

However, if you have multiple IP addresses on the same subnet and you place them on different interfaces, then the spoofing protection can mistakenly drop valid packets. This only affects packets that originate from the local network, and it is only a potential problem if you have IPs on the same subnet configured on different interfaces.

You can verify that this is happening by trying to contact the ZXTM system from the local network - if you hit problems, disable the spoof protection as follows:

  1. Log in to the appliance over SSH with the username and password of a user in the Admin group.

  2. Edit the file '/etc/network/options' using the 'nano' or 'vi' editors ('nano' is the easiest!). Change the line 'spoofprotect=yes' to 'spoofprotect=no'.

  3. Save the file, then run the following command:

    /etc/init.d/networking restart

This will disable the local IP spoofing protection (which is of very limited use anyway). The change will persist across restarts and reboots.
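
Before disabling the protection, it helps to confirm that the appliance really has the layout described above. The shell functions below are an added example, not part of the original article or of the ZXTM software: they read output in the format of 'ip -o -4 addr show' and list each IPv4 subnet that is configured on more than one interface. The function names and sample addresses are constructed for illustration, and having the 'ip' command available on the appliance is an assumption.

```shell
#!/bin/sh
# Added example: list IPv4 subnets that are configured on more than one
# interface, the layout under which rp_filter can drop valid local traffic.

# network_of ADDR/PREFIX -> network address (192.168.1.10/24 -> 192.168.1.0/24)
network_of() {
    addr=${1%/*}; prefix=${1#*/}
    old_ifs=$IFS; IFS=.
    set -- $addr                      # split the dotted quad into $1..$4
    IFS=$old_ifs
    ip=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    net=$(( ip & mask ))
    echo "$(( (net >> 24) & 255 )).$(( (net >> 16) & 255 )).$(( (net >> 8) & 255 )).$(( net & 255 ))/$prefix"
}

# shared_subnets: stdin is 'ip -o -4 addr show' output; prints one line
# "SUBNET IFACE,IFACE..." for every subnet seen on two or more interfaces.
shared_subnets() {
    while read -r idx iface family cidr rest; do
        [ "$family" = inet ] || continue
        [ "$iface" = lo ] && continue          # loopback is never affected
        echo "$(network_of "$cidr") $iface"
    done | sort -u | awk '
        { ifs[$1] = (n[$1]++ ? ifs[$1] "," : "") $2 }
        END { for (s in n) if (n[s] > 1) print s, ifs[s] }' | sort
}

# rp_filter_state IFACE: prints the kernel setting for IFACE (0 = disabled),
# or "unknown" if the interface has no entry under /proc.
rp_filter_state() {
    cat "/proc/sys/net/ipv4/conf/$1/rp_filter" 2>/dev/null || echo unknown
}

# Constructed sample in the format printed by 'ip -o -4 addr show'.
SAMPLE='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
3: eth1    inet 192.168.1.11/24 brd 192.168.1.255 scope global eth1
4: eth2    inet 10.0.5.1/16 brd 10.0.255.255 scope global eth2'

printf '%s\n' "$SAMPLE" | shared_subnets
# On a live system: ip -o -4 addr show | shared_subnets
```

If the live command prints nothing, no subnet spans two interfaces, and the dropped traffic has a different cause.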

This should be regarded as 'advanced configuration' - if you need any help, please get in touch with our Support team.

Dec [Zeus Dev Team] 04 September 2006