Subject: Re: ipf trivial question
To: Patrick Welche <prlw1@newn.cam.ac.uk>
From: Dave Uhring <duhring@charter.net>
List: netbsd-help
Date: 03/08/2003 14:23:32
On Saturday 08 March 2003 02:07 pm, Patrick Welche wrote:
> On Sat, Mar 08, 2003 at 01:27:18PM -0600, Dave Uhring wrote:
> > On Saturday 08 March 2003 01:03 pm, Patrick Welche wrote:
> > > In all the recommendations for firewall rules, there seem to be a
> > > ream of block 192.186/16 127/8 etc rules to prevent such
> > > unrouteable addresses from coming in on your interface. If my
> > > interface is 12.34.56.78 netmask 0xffffff00, how could such
> > > packets be accepted by it anyway?
> >
> > The block rules are for packets FROM RFC1918 addresses not TO such
> > addresses.
>
> I still don't understand. How could my interface accept a packet from
> such an address given that it doesn't match its ip/netmask? (BTW I
> think my question did mean FROM and not TO didn't it?)

Your system will accept packets directed to your IP address irrespective
of their source IP address unless you filter undesirable source IP
addresses.  Read the HOWTO:

http://www.obfuscation.org/ipf/ipf-howto.html
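
The point made in the reply above, as an added example that is not part of the original message: a small Python model of local delivery plus an evaluator for a subset of ipf.conf syntax. The interface name fxp0, the ruleset and the sample source addresses are constructed, and pass-by-default assumes a stock ipf build.

```python
import ipaddress

# Constructed ruleset in ipf.conf syntax; the interface name fxp0 is an assumption.
RULES = """\
block in quick on fxp0 from 192.168.0.0/16 to any
block in quick on fxp0 from 172.16.0.0/12 to any
block in quick on fxp0 from 10.0.0.0/8 to any
block in quick on fxp0 from 127.0.0.0/8 to any
pass in on fxp0 all
"""
LOCAL_ADDR = ipaddress.ip_address("12.34.56.78")  # interface address from the thread


def parse_rules(text):
    """Parse the subset 'block|pass in [quick] on IF (all | from NET to any)'."""
    rules = []
    for line in text.splitlines():
        tok = line.split("#", 1)[0].split()
        if not tok:
            continue
        action, quick = tok[0], "quick" in tok
        iface = tok[tok.index("on") + 1]
        src = tok[tok.index("from") + 1] if "from" in tok else "any"
        if src == "any":
            src = "0.0.0.0/0"
        rules.append((action, quick, iface, ipaddress.ip_network(src)))
    return rules


def stack_accepts(dst):
    """Local delivery looks only at the destination address, never the source."""
    return ipaddress.ip_address(dst) == LOCAL_ADDR


def filter_verdict(rules, iface, src):
    """Last matching rule wins, unless a matching rule carries 'quick'."""
    verdict = "pass"  # assumption: ipf built without a default-block option
    for action, quick, rule_if, net in rules:
        if rule_if == iface and ipaddress.ip_address(src) in net:
            verdict = action
            if quick:
                break
    return verdict


def delivered(rules, iface, src, dst):
    """A packet reaches the host only if the filter passes it and dst is ours."""
    return filter_verdict(rules, iface, src) == "pass" and stack_accepts(dst)
```

With an empty ruleset, `delivered([], "fxp0", "192.168.1.5", "12.34.56.78")` is true: the interface netmask plays no part in accepting inbound packets, so only the source-address rules drop them.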