On Tuesday 09 September 2003 18:09, Alexander Farber wrote:

> I've always wondered, why write the firewall rules
> blocking some IP addresses (like on the bottom of this mail).
> Doesn't it make more sense only to allow connections
> addressed to the external IP of your firewall, like
>  block in on rl0 from any to any
>  pass in quick on rl0 from any to $myExtIP www
>  pass in quick on rl0 from any to $myExtIP ssh

The question was only to make sure spoofing was impossible. So I showed how to 
block the intern IPS, as stated in the RFC's :-)
And I added a few ones too. 

What you gave was for a good firewall, what was asked was how to anti-spoof, 
right? :-)

Kind regards,

Guilmot Mike
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to