1 1.1 christos # 2 1.1 christos # For a network server, which has two interfaces, 128.1.40.1 (le0) and 3 1.1 christos # 128.1.2.1 (le1), we want to block all IP spoofing attacks. le1 is 4 1.1 christos # connected to the majority of the network, whilst le0 is connected to a 5 1.1 christos # leaf subnet. We're not concerned about filtering individual services 6 1.1 christos # or 7 1.1 christos # 8 1.1 christos pass in quick on le0 from 128.1.40.0/24 to any 9 1.1 christos block in log quick on le0 from any to any 10 1.1 christos block in log quick on le1 from 128.1.1.0/24 to any 11 1.1 christos pass in quick on le1 from any to any 12
Indexes created Sat Apr 18 00:22:28 UTC 2026