Igor Podlesny wrote: > [...] > > to be honest I don't know at top of my head, what is a good/typical > > use-case for if-bound state policy. I assume those set-ups must be > > rare/special. > > anti-spoofing. > > In case one suspects a spoofing attack can be carried out on some "side" > network > interface(s), leveraging if-bound state option allows to eliminate the threat.
Isn't "antispoof" for that already? > > An example: https://www.openwall.com/lists/oss-security/2019/12/05/1 -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/
