diff options
Diffstat (limited to 'share/ipf/example.12')
| -rw-r--r-- | share/ipf/example.12 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/share/ipf/example.12 b/share/ipf/example.12 new file mode 100644 index 00000000000..c0ba1d3cdda --- /dev/null +++ b/share/ipf/example.12 @@ -0,0 +1,17 @@ +# +# get rid of all short IP fragments (too small for valid comparison) +# +block in proto tcp all with short +# +# drop and log any IP packets with options set in them. +# +block in log all with ipopts +# +# log packets with BOTH ssrr and lsrr set +# +log in all with opt lsrr,ssrr +# +# drop any source routing options +# +block in quick all with opt lsrr +block in quick all with opt ssrr |