Date: Thu, 29 Feb 1996 09:07:06 -0800 From: Paul Traina <pst@shockwave.com> To: Poul-Henning Kamp <phk@critter.tfs.com> Cc: Joe Greco <jgreco@brasil.moneng.mei.com>, fenner@parc.xerox.com (Bill Fenner), nate@sri.MT.net, stable@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: IPFW (was: Re: -stable hangs at boot) Message-ID: <199602291707.JAA05845@precipice.shockwave.com> In-Reply-To: Your message of "Thu, 29 Feb 1996 09:53:35 %2B0100." <2612.825584015@critter.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On sites that I run, my filter rules -start- with: deny <my networks> any deny <multicast and above> any deny 127.0.0.0 0.255.255.255 any deny 0.0.0.0 0.255.255.255 any deny <1597 nets> any The idea is that you want to block off all source addresses that you should never expect to see. 127 is a favorite of mine, because a lot of people have localhost in their hosts.equiv files. Paul
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602291707.JAA05845>