Hi
I have a single laptop with pf and a modem-router. There are not external interface on the modem but I know the IP address.
Here's a few lines of my pf.conf file:
I want to know if these few rules are correct ?
Does the anti-spoofing protection and the non-routable ipv4 addresses also apply to router IP address ?
Thanks a lot
I have a single laptop with pf and a modem-router. There are not external interface on the modem but I know the IP address.
Here's a few lines of my pf.conf file:
Code:
int_if = "trunk0"
def_gateway = "IP address"
table ‹martians› { 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, \
127.0.0.0/8, 127.0.53.53, 169.254.0.0/16, \
172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, \
192.168.0.0/16, 198.18.0.0/15, 198.51.100.0/24, \
203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, \
255.255.255.255/32 }
# enable spoofing protection
antispoof quick for { lo0 $int_if $def_gateway } inet
# block non-routable ipv4 addresses
block in $log_block quick on $def_gateway from ‹martians› to any
block out $log_block quick on $def_gateway from any to ‹martians›
Does the anti-spoofing protection and the non-routable ipv4 addresses also apply to router IP address ?
Thanks a lot