On Wed, 6 Nov 2002, Michiel van Baak wrote:
> I know they have to block it in the router.
> But that's not the case with my network and now I want to block them in the router
> here.
> It's a box that does NAT for our internal net and runs smtp,pop3,www,https and ssh
>
> Is there a way to do it with pf?

Sure, pf blocks whatever you specify ... but you knew that.

I guess you have to be more specific, what exactly do you want to protect
against?  'dDos attacks' is too generic.

For example:
there's nothing you can do with pf (or other firewall software) to stop
someone from filling up your downstream network pipe with spoofed garbage
traffic.  The only real solution to that is to trace it back, hop-by-hop,
and block it as early as possible.  This requires cooperation from all
ISPs involved.  There's not much you can do yourself, except contacting
your ISP.

--
Cam
