Anti-spoofing rules on the bridge interface
dekdek last edited by
As jimp said in an old post, i've got this :
On 2.0 you'd actually want to have WAN and LAN without an IP, and have the bridge interface assigned and have
your "WAN" IP be assigned directly to the bridge interface.
OK, it's work great !!
But now i would like to continue with good practices.
I understand that the rules must be put on the bridge interface.
For many rules it's ok but what about this one for example :
block internal addresses appearing from the outside (anti-spoofing rules)
??? How to do that ???