Hello all,
I sent this message to -pf list, but no one answered. I would like to
verify my assumptions regarding the way pf's uRPF check works. I'm
using a Soekris net5501 board as a firewall; port 0 ($ext_if) is
internet uplink, ports 1-3 ($int_if, $mil_if, $vpn_if) are separate
lan segments
Maxim Khitrov wrote:
block in quick on $int_if from !$int_if:network
block in quick on !$int_if from $int_if:network
block in quick from $int_if
The OpenBSD pf faq states that urpf-check is equivalent to the
antispoof rules, but the antispoof section lists only the last two
rules in my example
On Sat, Sep 12, 2009 at 9:10 AM, Matthew
Seamanm.sea...@infracaninophile.co.uk wrote:
Maxim Khitrov wrote:
block in quick on $int_if from !$int_if:network
block in quick on !$int_if from $int_if:network
block in quick from $int_if
The OpenBSD pf faq states that urpf-check is equivalent to