README

2015-10-17 21:11:55 -04:00 · 2015-10-17 21:11:55 -04:00 · 543073fd2e
parent e6530e2e4a
commit 543073fd2e
1 changed files with 16 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,16 @@
+# TCP/IP Stack
+
+## Linux Firewall Configuration
+
+Imagine a setup where the machine you are running this code has IP
+192.168.1.10. This code claims 192.168.1.222 for itself. Now, pinging
+192.168.1.222 from some other machine, say 192.168.1.99, will cause
+the local kernel to receive the pings and then *forward them on to
+192.168.1.222*, which because of the gratuitous ARP announcement, it
+knows to be on its own Ethernet MAC address. This causes the ping
+requests to repeat endlessly, each time with one lower TTL.
+
+One approach to solving the problem is to prevent the kernel from
+forwarding packets addressed to 192.168.1.222. To do this,
+
+    sudo iptables -I FORWARD -d 192.168.1.222 -j DROP