Hi,

I've been listening to the list for the last 3 months and I'm using iptables, ip, tc, etc... and learning to love it.

Now I've read about an experimental netfilter "psd" that needs a patch and that can detect inbound port scans with rules like:

iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP

Then I see "iplimit" (-m iplimit), also experimental, and the best one is that patch that allows us to filter based on the content of the packet (-m string).

Questions:

Are these still experimental? If so, are they supposed to go into real kernel soon?

And last but not least: How can I implement all these rules? Is there a patch for all of them or do I have to patch each one of them?

I'm starting from a RH 7.2 vanilla kernel, are there any places where I can find cook recipes on how to implement them?

Which machine (processor/memory) holds all of them working for a 2 Mgs internet connection?

Thanks in advance for your time.

Roberto Campos
____________________________________________
Meu Provedor Tecnologias e Informática Ltda.
Rua Camerino, 128 Grs. 302
Centro - Rio de Janeiro - RJ - CEP 20080-010
Tel.: 55 21 25181011 (PABX/FAX)
Mobile phone: 55 21 91978284

On Fri, Mar 01, 2002 at 05:16:36PM -0300, Roberto Campos wrote:
> Hi,
>
> I've been listening to the list for the last 3 months and
> I'm using iptables, ip, tc, etc... and learning to love it.
>
> Now I've read about an experimental netfilter "psd" that needs
> a patch and that can detect inbound port scans with rules like:
>
> iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP
>
> Then I see "iplimit" (-m iplimit), also experimental, and the best
> one is that patch that allows us to filter based on the content
> of the packet (-m string).

The iptables people have a very good list, see about it on http://www.netfilter.org/

I would gladly help you, but I just don't know - the people there do.

Regards,

bert

--
http://www.PowerDNS.com   Versatile DNS Software & Services
http://www.tk             the dot in .tk
http://lartc.org          Linux Advanced Routing & Traffic Control HOWTO