search for: dyn_count

Displaying 3 results from an estimated 3 matches for "dyn_count".

2003 May 30
1
Strange startup messages
...101 fw RW Node 100 enable RW *Handler Int 101 one_pass RW *Handler Int 102 debug RW *Handler Int 103 verbose RW *Handler Int 104 verbose_limit RW *Handler Int 105 dyn_buckets RW *Handler Int 106 curr_dyn_buckets R *Handler Int 107 dyn_count R *Handler Int 108 dyn_max RW *Handler Int 109 static_count R *Handler Int 110 dyn_ack_lifetime RW *Handler Int 111 dyn_syn_lifetime RW *Handler Int 112 dyn_fin_lifetime RW *Handler Int 113 dyn_rst_lifetime RW *Handler Int 114 dyn_udp_lifeti...
2004 Feb 13
3
SYN Attacks - how i cant stop it
...e timeout on connection > net.inet.ip.fw.dyn_syn_lifetime=20 > net.inet.ip.fw.dyn_fin_lifetime=20 > net.inet.ip.fw.dyn_rst_lifetime=5 > net.inet.ip.fw.dyn_short_lifetime=10 #longer timeout for e.g. icmp > net.inet.ip.fw.dyn_max=1500 #higher number of dynamic rules > net.inet.ip.fw.dyn_count: #count of number of dynamic rules > > ipfw; > There's a zillion ways to set it up. start with a few rules regarding > lo0 and icmp. Then use stateful inspection and dynamic rules for the > rest of the wall. > > ... and by the way, I could see that a few of the scan came...
2004 Feb 06
2
IPFIREWALL_DEFAULT_TO_ACCEPT becomes default to deny
Hey Guys, today I upgraded to 4.8-RELEASE-p15. As usual I set IPFIREWALL to default accept in my kernel config file. Config & make weren't complaining so, installed the kernel, reboot and there it was: >IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled Another rebuild didn't work out so... I reviewed