Date: Mon, 18 Mar 1996 07:03:33 +0000 From: Poul-Henning Kamp <phk@critter.tfs.com> To: Mark Murray <mark@grondar.za> Cc: current@freebsd.org Subject: Re: Firewall setup... Message-ID: <7209.827132613@critter.tfs.com> In-Reply-To: Your message of "Mon, 18 Mar 1996 08:23:29 %2B0200." <199603180623.IAA03506@grumble.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> It is however not that clear how to do the last bit. I would like
> to zap spoofing -
>
> > 01350 accept all from any to 196.7.18.0/24 via tun0
> > 01350 accept all from 196.7.18.0/24 to any via tun0
>
> If my firewall machine has 2 interfaces - tun0=196.7.18.65
> and ed0=196.7.18.129 with a netmask of 0xfffffff0, how do I prevent
> packets claiming to be from 196.7.18/24 from coming into tun0?
> The above 2 lines are necessary for me to communicate with the world.
01355 deny all from 196.7.18/24 to any in via tun0
^^
If it doesn't work, yell.
--
Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox.
whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7209.827132613>