Date: Sat, 31 Dec 2005 00:50:57 +0100 From: =?ISO-8859-2?Q?=A3ukasz_Bromirski?= <lbromirski@mr0vka.eu.org> To: freebsd-pf@freebsd.org Subject: [feature] ipfw verrevpath/versrcreach? Message-ID: <43B5C7E1.8060400@mr0vka.eu.org> In-Reply-To: <20051227122546.GE81@insomnia.benzedrine.cx> References: <20051227084823.28384.qmail@web32611.mail.mud.yahoo.com> <20051227122546.GE81@insomnia.benzedrine.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all, Is there by any chance work being done on pf to include functionality that is present in FreeBSD ipfw, that checks if packet entered router via correct interface as pointed out by routing table? I know there is antispoof, but it's simple check of connected network and interface address, not full lookup to routing table contents. On ipfw it's called verrevpath (checking if routing table points for this source IP to the interface it came on) and versrcreach (the same but default and blackhole routes don't count). -- this space was intentionally left blank | Łukasz Bromirski you can insert your favourite quote here | lukasz:bromirski,net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43B5C7E1.8060400>