CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	andre <andre@FreeBSD.org>
	Mon, 9 Aug 2004 16:12:10 +0000 (16:12 +0000)
committer	andre <andre@FreeBSD.org>
	Mon, 9 Aug 2004 16:12:10 +0000 (16:12 +0000)
commit	649b4336f4c3f3c74176cbaa17d1a54288018ba7
tree	27711afab76e2f06f811864d8a12773ee41b9de3	tree \| snapshot
parent	7f0c7f1817c6d5615439d9cc6ca22f49f538c591	commit \| diff

New ipfw option "antispoof":

For incoming packets, the packet's source address is checked if it
belongs to a directly connected network. If the network is directly
connected, then the interface the packet came on in is compared to
the interface the network is connected to. When incoming interface
and directly connected interface are not the same, the packet does
not match.

Usage example:

ipfw add deny ip from any to any not antispoof in

Manpage education by: ru

sbin/ipfw/ipfw.8		diff \| blob \| history
sbin/ipfw/ipfw2.c		diff \| blob \| history
sys/netinet/ip_fw.h		diff \| blob \| history
sys/netinet/ip_fw2.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom