xref: /illumos-gate/usr/src/cmd/ipf/examples/server (revision 7c478bd9)
2# For a network server, which has two interfaces, (le0) and
3# (le1), we want to block all IP spoofing attacks.  le1 is
4# connected to the majority of the network, whilst le0 is connected to a
5# leaf subnet.  We're not concerned about filtering individual services
6# or
8pass in quick on le0 from to any
9block in log quick on le0 from any to any
10block in log quick on le1 from to any
11pass in quick on le1 from any to any