[PLUG] iptables And /proc Control

Jason Van Cleve jason at vancleve.com
Mon Dec 1 10:46:01 UTC 2003


I'm curious:  why are packet filtering options needed in /proc, when netfilter offers so much power?  For instance some iptables tutorials suggest doing this

echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

to disable "response to ping".  There are several other similar commands.  I'm not sure exactly what they effect, but couldn't one achieve the same with iptables?

--Jason Van Cleve

--
I think that if we were to go to the other side of outer space, we would find that we are on display in the window of some shop, like a snowglobe or something. And I bet that we would find that the price has been marked down several times.




More information about the PLUG mailing list