The Reverse Firewall works by filtering the outgoing packets from a network. The difference between a legitimate application that uses high bandwidth and a packet flooding attack is that, in the former case, the machine at the other end of the conversation is participating in a two-way conversation. In the case of a DoS attack, the exchange is one sided.
One situation where this concept is useful ... and I've typically used ACLs to control it, is where someone inside my company, like in the accounting department or facilities, wants to "help" me with security and installs Trinux or BigBrother or other "free tools" to monitor resources that they use, that may be accross our leased lines or FrameRelay links.....connections that would be otherwise assumed to be "safe". And yet such people don't understand the impact of what they are doing and I get 8000 ICMP requests going out all over the place....then they wonder how I knew!!!! <//quitting now before damed up emotions erupt>