aboutsummaryrefslogtreecommitdiff
path: root/netsec-assignment5-S4498062/exercise2/exercise2c
blob: f16c7311679ba16fb8cd713a0d710f4279af61aa (plain) (blame) 
1
2
3
4
5

We could reject all packets with a spoofed IP address by only accepting packets
where the source address is in our subnet:

# iptables -A OUTPUT -j DROP
# iptables -A OUTPUT -s 203.0.113.0/24 ACCEPT
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-30 06:05:46 +0000