new (?) attack?
cpaul at telemetrybox.org
cpaul at telemetrybox.org
Tue Feb 26 15:51:52 PST 2002
Well, the main issue has to do with interfaces.
In NetBSD (afaik), an IP alias does not create a corresponding network interface. For example, `ifconfig ex0 10.10.220.1 alias` creates an IP alias on the interface, not a distinct interface that I could use in an ipf 'on' rule.
`block in on interface-name proto tcp from any to 10.10.220.0/24 flags S/SA`
Any ideas? This is not essential, but it could be useful for blocking spoof attacks.
Thanks,
Charles
On Tue, Feb 26, 2002 at 11:31:29PM +0000, Dustin Cross wrote:
> what problems are you having? what is your config? What resources are you using?
> I will help in any way I can.
>
> Dusty
>
> cpaul at telemetrybox.org wrote:
> >
> >Dusty,
> >
> >I am setting up a NetBSD firewall (switching over from NAT/ipfw on a MacOSX
> machine) and am running into some bonehead problems getting ipf to work kosher on a
> one-armed machine. Any thoughts?
> >
> >Thanks,
> >Charles
More information about the LUAU
mailing list