mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-15 10:17:20 +00:00
22b5770b99
source address of a packet exists in the routing table. The default route is ignored because it would match everything and render the check pointless. This option is very useful for routers with a complete view of the Internet (BGP) in the routing table to reject packets with spoofed or unrouteable source addresses. Example: ipfw add 1000 deny ip from any to any not versrcreach also known in Cisco-speak as: ip verify unicast source reachable-via any Reviewed by: luigi |
||
---|---|---|
.. | ||
ipfw2.c | ||
ipfw.8 | ||
Makefile |