Anti-spoofing rules on the bridge interface

  • Hi all,

    As jimp said in an old post, i've got this :

    On 2.0 you'd actually want to have WAN and LAN without an IP, and have the bridge interface assigned and have
    your "WAN" IP be assigned directly to the bridge interface.

    OK, it's work great !!
    But now i would like to continue with good practices.
    I understand that the rules must be put on the bridge interface.

    For many rules it's ok but what about this one for example :
    block internal addresses appearing from the outside (anti-spoofing rules)
    ??? How to do that ???

    please help.

Log in to reply