View Full Version : pf and antispoof rule
February 19th, 2010, 13:12
Does it make sense to create antispoof rule on external device ng0 which is connect to internet (through PPPoE) ?
February 19th, 2010, 15:05
Any interface with an IP on it can use antispoof.
February 24th, 2010, 00:18
I use only RFC1918 addresses in my internal network. Most people say that this can't be reached from the internet as it is not routed. But this is not the case with my ISP. They use RFC1918 also in their ISP backbone and theoretical could access my box. Therefore antispoofing makes sense. Of course this could not happen with a strict ruleset... But I don't see any reason to omit antispoofing if it is possible from the network layout.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.