[ previous ] [ next ] [ threads ]
 
 From:  "Molle Bestefich" <molle dot bestefich at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: even more dumb questions: anti-spoofing
 Date:  Thu, 25 May 2006 11:47:34 +0200 
Chris Buechler wrote:
> No.  Only the local subnet off of an interface is permitted outbound.
> That's automatically taken care of.

I think there should be a "SrcIp NOT <networks behind interface>"
pseudo-rule in the rule editor, just as there is a rfc-1918-block
pseudo rule.  It would make the above much clearer?