]> CyberLeo.Net >> Repos - FreeBSD/releng/9.2.git/blob - contrib/ipfilter/rules/server
projects / FreeBSD / releng / 9.2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- Copy stable/9 to releng/9.2 as part of the 9.2-RELEASE cycle.
[FreeBSD/releng/9.2.git] / contrib / ipfilter / rules / server
1 #
2 # For a network server, which has two interfaces, 128.1.40.1 (le0) and
3 # 128.1.2.1 (le1), we want to block all IP spoofing attacks.  le1 is
4 # connected to the majority of the network, whilst le0 is connected to a
5 # leaf subnet.  We're not concerned about filtering individual services
6 # or 
7 #
8 pass in quick on le0 from 128.1.40.0/24 to any
9 block in log quick on le0 from any to any
10 block in log quick on le1 from 128.1.1.0/24 to any
11 pass in quick on le1 from any to any
9.2-RELEASE