[ previous ] [ next ] [ threads ]
 
 From:  "Molle Bestefich" <molle dot bestefich at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  even more dumb questions: anti-spoofing
 Date:  Tue, 23 May 2006 14:32:50 +0200 
How do you guys setup anti-spoofing?

It seems to me like I have to make anti spoofing rules manually, and
on each individual interface?

I would like to tell m0n0wall that eg. these are my networks:
 * foo 192.168.1.0/24
 * bar 192.168.2.0/24

And then multi-home one of the adapters, that is in effect tell
m0n0wall that "foo" sits behind fxp0, and so does "bar", and please
automatically generate anti-spoofing rules.

I can't find any feature like this, although some of the interfaces
does have a "static IP" option.  I wouldn't mind if the firewall had a
static IP in each of the above mentioned networks, so I guess it would
be nice if I could create a network definition including a static IP
address and use that for anti-spoofing.  But there's only one static
IP field, so I guess that's not the solution either.

Is anti-spoofing really a manual process?