tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Anti-Spoofing

So to answer my own questions: At least on 3.1 (which was the easiest for me to 
test on):

1. The filter doesn't see unicast datagrams from me to me at all.
2. Both broadast or multicast datagrams from me are seen twice by the filter.
3. It works to use ``keep state'' with them.

I still don't know what happens to fake packets from outside pretending to be 
sent ``by me''. I hope they will be seen by the filter. If that's indeed the 
case, the following sould wok:

pass out on IF from ME to BCAST keep state
pass out on IF from ME to keep state
block in quick on IF from ME to any

Home | Main Index | Thread Index | Old Index