[ previous ] [ next ] [ threads ]
 
 From:  "P Lecheler" <lecheler at technologist dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Rules to block packets with IP options
 Date:  Tue, 24 Feb 2004 09:24:35 -0500
I an looking for a way to create a firewall rule to block and/or reject packets coming from the WAN
with IP options set in the packet.  Specifically, I want to discard packets with LSRR (Lose Source
Route), SSRR (Strict Source Route), RA (Router Alert), and RR (Record Route) options set in the
packet.  

I have reviewed the documentation and searched the archive and did not find not find any references
on configuring firewall rules to block packets with IP options set for the R1.0 release.  Is this
supported?  I know ipfw supports the capability, I'm not sure how it's done in ipf.  Any pointers on
how to do this are appreciated.
-- 
_______________________________________________
Get your free email from http://www.iname.com