摘要 |
Reverse path forwarding protection of packets is provided using automated population of access control lists based on a forwarding information base. One implementation identifies a lookup value by extracting one or more values including a source address from a packet. An access control list lookup operation is performed on an access control list based on the lookup value to identify a permit or a deny condition, the access control list including multiple access control list entries. The packet is processed based on the permit or the deny condition identified in by the access control list lookup operation, this processing the packet based on the permit condition includes performing a forwarding lookup operation on a representation of a forwarding information base to identify a location and forwarding the packet to the location. The access control list entries are automatically generated based on a forwarding information base. |