On Wed, 31 Mar 2010, Eugene Yunak wrote: >On 31 March 2010 19:27, N. Arley Dealey <arley.dea...@gmail.com> wrote: >> It would appear to me that antispoof and URPF achieve similar results. Is >> there a reason to prefer one over the other? > >Not at all. antispoof blocks ip packets that came in from the wrong >interface, while URPF blocks packets from "aliens" (no entry in >routing table for the source address). Just look at the output of >pfctl -sr
If I'm reading the documentation for URPF correctly, that's not true -- URPF blocks packets which arrive on an interface which is not pointed to by a route to the packet's source address, which is somewhat similar to what antispoof does. Dave -- Dave Anderson <d...@daveanderson.com>