Hello everyone,
antispoof for $ext_if
the above antispoof rule would expand to:
block drop in from 10.0.0.1 to any
The first rule means that blocking all traffic coming from the 10.0.0.0/24 network that does not pass in through the ext_if interface.
How to understand the meaning of this sentence?
Under what circumstances that the traffic from the 10.0.0.0/24 network passing in does not need through the ext_if interface?
ext_if IP 10.0.0.1/24
Thanks.
antispoof for $ext_if
the above antispoof rule would expand to:
block drop in on ! $ext_if from 10.0.0.0/24 to any
block drop in from 10.0.0.1 to any
The first rule means that blocking all traffic coming from the 10.0.0.0/24 network that does not pass in through the ext_if interface.
How to understand the meaning of this sentence?
Under what circumstances that the traffic from the 10.0.0.0/24 network passing in does not need through the ext_if interface?
ext_if IP 10.0.0.1/24
Thanks.