On Tuesday 09 September 2003 18:09, Alexander Farber wrote: > I've always wondered, why write the firewall rules > blocking some IP addresses (like on the bottom of this mail). > Doesn't it make more sense only to allow connections > addressed to the external IP of your firewall, like > > block in on rl0 from any to any > pass in quick on rl0 from any to $myExtIP www > pass in quick on rl0 from any to $myExtIP ssh
The question was only to make sure spoofing was impossible. So I showed how to block the intern IPS, as stated in the RFC's :-) And I added a few ones too. What you gave was for a good firewall, what was asked was how to anti-spoof, right? :-) -- Kind regards, Guilmot Mike _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"