Hello, I hope that this is a good place to post this. I?m running 4.7-stable, sshd, bind, apache+ssl and I have ipf as firewall. So far ipf performed admirably, but the possibility of being flooded appeared. I don?t recall that ipf has that capability to allow only a certain number of packets to enter (like linux?s iptables), so I?m considering switching to ipfw2. But, I after looking trough the syntax, I haven?t found what I was looking for. So, how can i avoid flood with ipfw2. Thank you, Daniel ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://mail.messenger.yahoo.co.uk
In article <20030925094954.23240.qmail@web40401.mail.yahoo.com> of freebsd.stable group you wrote: DB> So, how can i avoid flood with ipfw2. 00010 check-state 00020 allow tcp from any to me 21,22,25,119,993 setup limit src-addr 2 in recv fxp0 of course you should decide yourself which ports you want to protect and how many connections you want to allow -- http://aquatique.rusunix.org
I think i know where i made the mistake... I thought connection means client, not tcp connection -----Original Message----- From: Evgueni V. Gavrilov [mailto:aquatique@rusunix.org] Sent: Thursday, September 25, 2003 4:18 PM To: freebsd-stable@FreeBSD.ORG In article <20030925094954.23240.qmail@web40401.mail.yahoo.com> of freebsd.stable group you wrote: DB> So, how can i avoid flood with ipfw2. 00010 check-state 00020 allow tcp from any to me 21,22,25,119,993 setup limit src-addr 2 in recv fxp0 of course you should decide yourself which ports you want to protect and how many connections you want to allow -- http://aquatique.rusunix.org _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"