Re: [lwip-users] Firewall

lwip-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] Firewall

From:	Martin Velek
Subject:	Re: [lwip-users] Firewall
Date:	Tue, 23 Apr 2013 08:54:50 +0200

Hi,

the lwip 1.4.1 allows:

> 1. Ability to turn off PING so its not so easy to find.

 /* don't build if not configured for use in lwipopts.h */
#undef LWIP_ICMP

> 2. Limit incoming IP addresses to a range or even single address so that we
> only communicate with a known machine.

#define LWIP_HOOK_IP4_INPUT
and provide LWIP_HOOK_IP4_INPUT() to filter incoming ip.

Best
Martin


On Thu, Feb 28, 2013 at 9:27 AM, Chris Williams
<address@hidden> wrote:
> Hi,
>
> There is lots of talk about internet security and I was wondering what we
> could do for LWIP to make it 'hardened'?
>
> What could we add to LWIP that would reduce its vulnerability to attack?
>
> A list of suggestions would be a good start:
>
> 1. Ability to turn off PING so its not so easy to find.
>
> 2. Limit incoming IP addresses to a range or even single address so that we
> only communicate with a known machine.
>
> Any other ideas?
>
> These features would of course be optional.
>
> Regards,
>
> Chris.
>
>
>
> _______________________________________________
> lwip-users mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/lwip-users

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [lwip-users] Firewall, Martin Velek <=

Prev by Date: Re: [lwip-users] STR912 lwIP + Freertos demo
Next by Date: Re: [lwip-users] lwip-users Digest, Vol 116, Issue 22
Previous by thread: [lwip-users] LwIP 1.3.2 GPRS parameter TCP_MSS
Next by thread: Re: [lwip-users] lwip-users Digest, Vol 116, Issue 22
Index(es):
- Date
- Thread