tech-net archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Anti-Spoofing
So to answer my own questions: At least on 3.1 (which was the easiest for me to
test on):
1. The filter doesn't see unicast datagrams from me to me at all.
2. Both broadast or multicast datagrams from me are seen twice by the filter.
3. It works to use ``keep state'' with them.
I still don't know what happens to fake packets from outside pretending to be
sent ``by me''. I hope they will be seen by the filter. If that's indeed the
case, the following sould wok:
pass out on IF from ME to BCAST keep state
pass out on IF from ME to 224.0.0.0/24 keep state
block in quick on IF from ME to any
Home |
Main Index |
Thread Index |
Old Index