# pf firewall - antispoof rules vs. uRPF



## troy (Dec 3, 2008)

pf FAQ says that uRPF provides the same functionality as antispoof rules (http://www.openbsd.org/faq/pf/filter.html). Could anyone point out the difference (if there is any) between these two?

Thank you.


----------



## aragon (Dec 5, 2008)

To me it looks like antispoof is simply a shortcut to the two rules to which it expands.  It's limited to only checking IP addresses that are local to an interface based on the IP address and netmask assigned to it.

uRPF performs a routing table lookup.  This would allow PF to permit traffic from IP addresses local to the machine's interfaces (as with antispoof) and from IP addresses with a nexthop in the routing table.


----------

