DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 9th March 2012
aleunix aleunix is offline
Real Name: Alessandro
Spam Deminer
 
Join Date: May 2008
Location: Italy
Posts: 224
Default Which is the best antispoof code between these?

Blocking Spoofed Packets
Given this initial code:
Quote:
# Macros
# The external interface (connected to internet)
ext_if="re0"
# don't filter on the loopback interface
set skip on lo0
Which is better between these follows code?
1)
Quote:
antispoof quick for $ext_if
2)
Quote:
antispoof quick for $ext_if inet
3)
Quote:
antispoof quick for { lo $ext_if }
All these variant works, previously i used the last because exist even an example here:
The Complete Ruleset
but i have the impression that isn't useful given the skip instruction.
Using the first i can drop even ipv6 address (now i'm using ipv4 address).

Last edited by aleunix; 9th March 2012 at 10:43 AM.
Reply With Quote
 

Tags
antispoof, firewall, pf

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security pcAnywhere let anyone anywhere inject code into PCs J65nko News 5 8th March 2012 10:56 AM
BSD code is used where? Broodjegehaktmetmayo Other BSD and UNIX/UNIX-like 7 8th March 2010 06:19 PM
Obfuscated Code JMJ_coder Programming 14 5th November 2009 05:00 PM
Source code for ed? matt FreeBSD Ports and Packages 1 21st October 2008 08:18 PM


All times are GMT. The time now is 06:29 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick