This really depends on the software/hardware you use as your firewall.
For ipchains (Linux) the -i flag specifies the interface the packet is
going through. An example rule for ipchains to block and log packets
from 192.168.0.0/24 coming in from the external interface is:

eth0 is the external interface...

# ipchains -A input -j DENY -i eth0 -s 192.168.0.0/24 -d 0.0.0.0/0 -l

Kamatchi Sundaram wrote:
>
> Hi,
>
> If any source-spoofed pkt comes in, first I will check whether the source address
> present in the pkt is one of my internal network addresses (or route entries); if so, I
> will check whether the interface through which the pkt has come is my external
> interface. If so, it will be blocked.
>
> My question is, how do I know whether the interface through which the pkt has come is
> an external or internal interface?
>
> To know about the interface detail, do I need to maintain an interface table in the
> packet filtering router, saying that Interfaces 1 and 2 are internal interfaces and
> Interface 3 is the external interface? Is this the only way to differentiate the
> internal and external interfaces, or is there any other method, other than statically
> configuring the interface detail in the interface table?
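
The static interface table the question describes, combined with the per-interface rule form from the reply, as an added example that is not part of the original thread. The interface names other than eth0, the 10.1.0.0/16 network and the function names are assumptions made for illustration:

```python
import ipaddress

# Constructed sample topology (assumption, not from the thread): a static
# table marking each interface as internal or external.
INTERFACE_ROLE = {"eth0": "external", "eth1": "internal", "eth2": "internal"}

# Networks that legitimately exist only behind the internal interfaces.
INTERNAL_NETS = [
    ipaddress.ip_network("192.168.0.0/24"),
    ipaddress.ip_network("10.1.0.0/16"),
]


def is_spoofed(in_iface, src_ip):
    """Return True when a packet claiming an internal source address
    arrived on an interface that is not known to be internal."""
    # Fail closed: an interface missing from the table is treated as external.
    role = INTERFACE_ROLE.get(in_iface, "external")
    if role != "external":
        return False
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in INTERNAL_NETS)


def ipchains_rules():
    """Build one deny-and-log rule per (external interface, internal network)
    pair, in the same form as the rule quoted in the reply."""
    rules = []
    for iface, role in sorted(INTERFACE_ROLE.items()):
        if role != "external":
            continue
        for net in INTERNAL_NETS:
            rules.append(
                f"ipchains -A input -j DENY -i {iface} -s {net} -d 0.0.0.0/0 -l"
            )
    return rules


if __name__ == "__main__":
    for rule in ipchains_rules():
        print(rule)
    # Constructed sample packets: (incoming interface, source address).
    samples = [("eth0", "192.168.0.7"), ("eth1", "192.168.0.7"),
               ("eth0", "203.0.113.9"), ("ppp0", "10.1.2.3")]
    for iface, src in samples:
        verdict = "DENY (spoofed)" if is_spoofed(iface, src) else "pass to next rule"
        print(f"{iface:5} src={src:15} -> {verdict}")
```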