diff options
| author | dm <dm@cvs.openbsd.org> | 1996-01-09 09:29:53 +0000 |
|---|---|---|
| committer | dm <dm@cvs.openbsd.org> | 1996-01-09 09:29:53 +0000 |
| commit | 580705fd00c4c825c1b4c8f99a3b5e13b1ca7334 (patch) | |
| tree | a57a5d4077ccee71d613431cdc380a9bc86ff960 /share/ipf/example.12 | |
| parent | 62bcfe4fb97a3c16cd569d6957f3cd6e9b73e8a1 (diff) | |
added IP filter to netstat/rc and put examples in /usr/share/ipf
Diffstat (limited to 'share/ipf/example.12')
| -rw-r--r-- | share/ipf/example.12 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/share/ipf/example.12 b/share/ipf/example.12 new file mode 100644 index 00000000000..c0ba1d3cdda --- /dev/null +++ b/share/ipf/example.12 @@ -0,0 +1,17 @@ +# +# get rid of all short IP fragments (too small for valid comparison) +# +block in proto tcp all with short +# +# drop and log any IP packets with options set in them. +# +block in log all with ipopts +# +# log packets with BOTH ssrr and lsrr set +# +log in all with opt lsrr,ssrr +# +# drop any source routing options +# +block in quick all with opt lsrr +block in quick all with opt ssrr |