diff options
| author | dm <dm@cvs.openbsd.org> | 1996-07-18 05:57:25 +0000 |
|---|---|---|
| committer | dm <dm@cvs.openbsd.org> | 1996-07-18 05:57:25 +0000 |
| commit | 32c1571b6340f34ac25cc12f7bbac65dd8209b45 (patch) | |
| tree | bf257b3cd4eadd635f5ee6cf370dcbe9e2b2ba20 /share/ipf/example.15 | |
| parent | 855450577164de85ddee7341a7ed13c7073882ca (diff) | |
added my two firewall examples, plus the stuff from the distribution
Diffstat (limited to 'share/ipf/example.15')
| -rw-r--r-- | share/ipf/example.15 | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/share/ipf/example.15 b/share/ipf/example.15 new file mode 100644 index 00000000000..5eafc7c0216 --- /dev/null +++ b/share/ipf/example.15 @@ -0,0 +1,11 @@ +# +# For a network server, which has two interfaces, 128.1.40.1 (le0) and +# 128.1.2.1 (le1), we want to block all IP spoofing attacks. le1 is +# connected to the majority of the network, whilst le0 is connected to a +# leaf subnet. We're not concerned about filtering individual services +# or +# +pass in quick on le0 from 128.1.40.0/24 to any +block in quick log on le0 from any to any +block in quick log on le1 from 128.1.1.0/24 to any +pass in quick on le1 from any to any |