On Tue, Jul 15, 2008 at 10:17:47PM +0200, [EMAIL PROTECTED] wrote:
> Hi,
> Want to know if antispoof also include the alias ip address(es) off
> the given interface?
It does:
$ sudo ifconfig lo0 alias 1.2.3.4 netmask 255.255.255.255
$ ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33204
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 1.2.3.4 netmask 0xffffffff
$ sudo cat /etc/pf.conf
antispoof for lo0
$ sudo pfctl -e -f /etc/pf.conf
pf enabled
$ sudo pfctl -sr
block drop in on ! lo0 inet from 127.0.0.0/8 to any
block drop in on ! lo0 inet from 1.2.3.4 to any
block drop in on ! lo0 inet6 from ::1 to any
Martin
