From: "Molle Bestefich" <molle dot bestefich at gmail dot com>
> How do you guys setup anti-spoofing?
> It seems to me like I have to make anti spoofing rules manually, and
> on each individual interface?
> I would like to tell m0n0wall that eg. these are my networks:
> * foo 192.168.1.0/24
> * bar 192.168.2.0/24
> And then multi-home one of the adapters, that is in effect tell
> m0n0wall that "foo" sits behind fxp0, and so does "bar", and please
> automatically generate anti-spoofing rules.
> I can't find any feature like this, although some of the interfaces
> does have a "static IP" option. I wouldn't mind if the firewall had a
> static IP in each of the above mentioned networks, so I guess it would
> be nice if I could create a network definition including a static IP
> address and use that for anti-spoofing. But there's only one static
> IP field, so I guess that's not the solution either.
> Is anti-spoofing really a manual process?
It is built in. Dead at the bottom of http://gateway/interfaces_wan.php is
"Block private networks"