Note that anti-spoofing isn't needed if iptables (see below) is used by NARC (see below), since NARC provides anti-spoofing in its firewall rules.
/etc/rc.d/init.d/antispoofing:
Turns anti-spoofing on/off. Packets from outside the local network are checked to see that they don't have local return addresses (spoofing).
"start" - Starts up anti-spoofing. "stop" - Shuts anti-spoofing down.
You must create the antispoofing script, a sample of which, is shown below:
#! /bin/sh # Script to turn on anti-spoofing. # If no source address verification, do nothing. [ -f /proc/sys/net/ipv4/conf/all/rp_filter ] || exit 0 case "$1" in start) echo -n "Turning on antispoofing:" for f in /proc/sys/net/ipv4/conf//rp_filter; do echo 1 > $f done echo "." ;; stop) echo -n "Turning off antispoofing:" for f in /proc/sys/net/ipv4/conf//rp_filter; do echo 0 > $f done echo "." ;; *) echo "Usage: /etc/rc.d/init.d/antispoofing {start|stop}" exit 1 ;; esac exit 0