On 2021-05-22, Mogens Jensen wrote:
> On Friday, May 21, 2021 8:22 AM, Peter N. M. Hansteen wrote:
>> quoting pf.conf(5):
>>
>> " The antispoof directive expands to a set of filter rules which will block
>> all traffic with a source IP from the network(s) directly connected to
>> the specified in
> 22. mai 2021 kl. 17:02 skrev Mogens Jensen :
>
>
> Let's say I'm assigned dynamic IP address 192.0.2.5/24 from my ISP on
> external interface em0.
>
> antispoof em0 inet
>
> Expands to:
>
> block drop in on ! em0 inet from 192.0.2.0/24 to any
> block drop in inet from 192.0.2.5 to any
>
On Friday, May 21, 2021 8:22 AM, Peter N. M. Hansteen wrote:
> quoting pf.conf(5):
>
> " The antispoof directive expands to a set of filter rules which will block
> all traffic with a source IP from the network(s) directly connected to
> the specified interface(s) from entering the system through
On Fri, May 21, 2021 at 05:32:32AM +, Mogens Jensen wrote:
> The antispoof directive will expand to two block rules with IP address
> of the interface, so I would think that with a dynamic IP, the interface
> should be surrounded in parentheses like this:
>
> antispoof for (wi0)
quoting pf.co
The antispoof directive will expand to two block rules with IP address
of the interface, so I would think that with a dynamic IP, the interface
should be surrounded in parentheses like this:
antispoof for (wi0)
But this seems to be wrong, as I have not read any guide or FAQ that
does this, e.g. t
5 matches
Mail list logo