>How does a packet filtering firewall like Firewall1 check for spoofed
>IPs? Or can it be done? Thanks!
It can be done, you just have to configure it properly. (By that, I
mean that FW-1 will not automatically set up anti-spoofing fr you.)
PFs check for spoofed packets by keeping a list of what source
addresses are legal for a particular interface. If they get a packet
with a source address that isn't legal for an interface, they typically
drop the packet and log it.
For example, if your inside interface is le0 and you use 192.168
addresses on the inside, and your outside interface (say, le2)
gets a packet coming in with a source address of 192.168, it will
complain.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
