1 Answer

In computer networking, source routed traffic, also called path addressing, allows a sender of a packet to partially or completely specify the route the packet takes through the network.

  • Source routing allows easier troubleshooting, improved traceroute, and enables a node to discover all the possible routes to a host. It does not allow a source to directly manage network performance by forcing packets to travel over one path to prevent congestion on another.

For a firewall, source routing is a concern, since an attacker can generate traffic claiming to be from a system 'inside' the firewall. In general, such traffic wouldn't route to the firewall properly, but with the source routing option, all the routers between the attacker's machine and the target will return traffic along the reverse path of the source route. Implementing such an attack is quite easy, so it is a threat.

