DragonFly users List (threaded) for 2007-01

Re: max-src-conn-rate


From: Gergo Szakal <bastyaelvtars@xxxxxxxxx>
Date: Tue, 23 Jan 2007 21:29:31 +0100

On Tue, 23 Jan 2007 21:07:08 +0100
Joerg Sonnenberger <joerg@britannica.bec.de> wrote:

> 
> I don't think that can be done easily. Have you thought about just
> limiting the number of connections for the host/net? See max-src-states.
> 

Well, that is not an option in my case, because I need to get the banned IPs since they are static and I have to make sure no such connections are permitted to go through my firewall until the client machine's disinfection. It is easier for me and more secure.
Thanks for the answer anyway, I'll probably give it a try, it's more than nothing, though I could just play with a script that processes pfctl -si output and executes pfctl -T infected -t add ip, since the destination ports being swept are well-known.

-- 
Gergo Szakal <bastyaelvtars@gmail.com>
University Of Szeged, HU
Faculty Of General Medicine

/* Please do not CC me with replies, thank you. */
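
The script idea mentioned in the message above, sketched as an added example (not code from the original post or from the pf project). It assumes the per-connection listing from `pfctl -ss` rather than the counters from `pfctl -si`, and the port list, threshold and sample lines are all constructed for illustration; only the table name "infected" comes from the message.

```shell
#!/bin/sh
# Added example. Assumed `pfctl -ss` line shapes (IPv4 only):
#   IFACE PROTO SRC:PORT -> DST:PORT  STATE   |   IFACE PROTO DST:PORT <- SRC:PORT  STATE
SWEEP_PORTS="135 139 445"   # assumed list of swept ports
THRESHOLD=3                 # assumed: distinct destination hosts per source

# Reads state lines on stdin; prints every source IP holding TCP states
# towards THRESHOLD or more distinct hosts on a swept port.
find_sweepers() {
    awk -v ports="$SWEEP_PORTS" -v min="$THRESHOLD" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) swept[p[i]] = 1 }
    $2 == "tcp" && NF >= 6 {
        # $(NF - 1) is the address field just before the state field.
        if ($4 == "->")      { s = $3; d = $(NF - 1) }
        else if ($4 == "<-") { s = $(NF - 1); d = $3 }
        else next
        if (split(s, sa, ":") != 2 || split(d, da, ":") != 2) next
        if (!(da[2] in swept)) next
        key = sa[1] SUBSEP da[1]        # count each destination host once
        if (!(key in seen)) { seen[key] = 1; count[sa[1]]++ }
    }
    END { for (ip in count) if (count[ip] >= min) print ip }' | sort
}

# Adds each address read from stdin to the pf table "infected".
# On the firewall: pfctl -ss | find_sweepers | ban_sweepers
ban_sweepers() {
    while read -r ip; do
        pfctl -t infected -T add "$ip"
    done
}

# Constructed sample states (not captured from a real firewall).
sample_states() {
    cat <<'EOF'
em0 tcp 192.168.1.50:1025 -> 10.0.0.1:445       SYN_SENT:CLOSED
em0 tcp 192.168.1.50:1026 -> 10.0.0.2:445       SYN_SENT:CLOSED
em0 tcp 192.168.1.50:1027 -> 10.0.0.3:445       SYN_SENT:CLOSED
em0 tcp 192.168.1.60:2001 -> 10.0.0.1:445       ESTABLISHED:ESTABLISHED
em0 tcp 192.168.1.60:2002 -> 10.0.0.9:443       ESTABLISHED:ESTABLISHED
em1 tcp 10.0.0.4:135 <- 192.168.1.70:3001       CLOSED:SYN_SENT
em1 tcp 10.0.0.5:139 <- 192.168.1.70:3002       CLOSED:SYN_SENT
em1 tcp 10.0.0.6:445 <- 192.168.1.70:3003       CLOSED:SYN_SENT
em0 tcp 192.168.1.80:4001 -> 10.0.0.1:445       ESTABLISHED:ESTABLISHED
em0 tcp 192.168.1.80:4002 -> 10.0.0.1:445       ESTABLISHED:ESTABLISHED
em0 tcp 192.168.1.80:4003 -> 10.0.0.1:445       ESTABLISHED:ESTABLISHED
EOF
}
sample_states | find_sweepers
```

Counting distinct destination hosts rather than raw states keeps a client with several sessions to one file server (192.168.1.80 in the sample) out of the table.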


