Son, Yeongsik wrote:
One of linux server contains rule set like these:
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 -j DROP
iptables -A INPUT -m recent --name KIN --rcheck --seconds 300 -j DROP
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 5 -m recent --name KIN --set -j DROP
Simply put, this drops an IP that tries to open more than 20 connections to TCP port 80;
when that happens, the IP is dropped for 5 minutes.
iptables -A INPUT -p udp --dport 53 -m length --length 512:65535 -j DROP
Briefly, this drops an IP that sends packets to UDP port 53 whose length is 512 ~ 65535 bytes.
I want to use those rules on FreeBSD servers, but I don't know of such
sophisticated functions in ipfw.
Is that possible on FreeBSD?
Not in ipfw, but I think pf can do that.
Some people may have done that with ipfw using an external agent,
but I don't know who/how.
Let me share your knowledge.
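For reference, a pf.conf fragment added here as an example (not code from either message) showing how pf's per-source state limits map onto the iptables connlimit/recent rules above; the interface name em0, the table name bruteforce and the 20-connection threshold are assumptions.

```pf
# Added example, not from the thread. Assumes the external interface is em0;
# the table name and the thresholds are chosen to mirror the iptables rules.
ext_if = "em0"

# Holds source addresses that exceeded the limit. pf has no built-in
# --seconds timer for table entries, so the 5-minute ban is approximated
# by running "pfctl -t bruteforce -T expire 300" periodically from cron.
table <bruteforce> persist

# Counterpart of "-m recent --rcheck ... -j DROP": anything from an address
# already in the table is dropped before the pass rules are evaluated.
block in quick on $ext_if from <bruteforce>

# Counterpart of the connlimit rules on TCP/80. max-src-conn caps the
# number of simultaneous states per source address; when a source goes
# over 20, "overload" adds it to the table and "flush global" tears down
# all of that source's existing states, so the ban takes effect at once.
pass in on $ext_if proto tcp to port 80 flags S/SA keep state \
    (max-src-conn 20, overload <bruteforce> flush global)
```

The UDP length rule has no direct pf filter equivalent, but ipfw can express it with its iplen option, e.g. "ipfw add deny udp from any to any 53 iplen 512-65535".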
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"