Re: [m0n0wall] Blocking inbound traffic

From:	Chris Buechler <cbuechler at gmail dot com>
To:	Don Munyak <don dot munyak at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Blocking inbound traffic
Date:	Fri, 12 Aug 2005 10:23:58 -0400

On 8/12/05, Don Munyak <don dot munyak at gmail dot com> wrote:
> 
> ...So putting "Egress" filters for LAN or DMZ, while not a bad idea,
> really only accomplishes reducing useless traffic that will get
> dropped anyway, once it hits the ISP...correct ??
> 

If those egress filters are filtering only bogon destination networks,
correct.

That's not the  typical use of egress filters though.  On most
firewalls you'd want to limit your source addresses via egress to only
your internal networks, but m0n0wall does that automatically.  Other
useful egress would be limiting what services people can access.

-Chris