On Wed, Nov 06, 2002 at 12:44:38PM +0100, Sacha Ligthert wrote: > I wonder on the other side what can be done (by pf) to prevent the host > being used as a zombie spawning (spoofed) packets like mad. Anybody a clue?
you can stop spoofed packets from going out by only passing things out which have the ip address of the external interface as the source addr. of course you need root to spoof packets, so chances are whoever is doing the spoofing can also modify your pf rules. - jolan
