Hello,
I would like to block ICMP and UDP flooders who exceed a reasonable number.

#- Rate Limit UDP (150 per host)
pass proto udp to any port $udp_services keep state
pass in quick proto udp from any to any \
    keep state \
    (max-src-conn 1, max-src-states 151, \
    overload <DDoS> flush global)

#- Rate Limit ICMP (10 per host)
pass in quick proto icmp from any to any \
    keep state \
    (max-src-conn 1, max-src-states 11, \
    overload <DDoS> flush global)

Comments?
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
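
An added example, not part of the original post: pf.conf(5) defines max-src-conn and max-src-conn-rate in terms of TCP connections that have completed the 3-way handshake, and overload acts only when one of those two limits is hit, so for UDP and ICMP the per-source control that applies is max-src-states. The interface, the service list, TCP port 80, the TCP limits and the <tcp_abusers> table name are assumptions; the 150 and 10 limits are taken from the post's comments.

```pf
# Added example, not from the original post.
ext_if = "em0"                  # assumed interface name
udp_services = "{ 53, 123 }"    # assumed service list
table <tcp_abusers> persist     # assumed table name

# Sources placed in the table by the TCP rule below are dropped early.
block in quick on $ext_if from <tcp_abusers>

# UDP: cap concurrent states per source address at 150.
# No overload here: UDP has no handshake, so the source address is unverified
# and the TCP-only limits that drive overload never trigger.
pass in quick on $ext_if proto udp from any to any port $udp_services \
    keep state (source-track rule, max-src-states 150)

# ICMP: cap concurrent states per source address at 10, echo requests only.
pass in quick on $ext_if inet proto icmp all icmp-type echoreq \
    keep state (source-track rule, max-src-states 10)

# TCP, for contrast: here max-src-conn / max-src-conn-rate apply, and a source
# that exceeds them is added to the table and its existing states are flushed.
pass in quick on $ext_if proto tcp from any to any port 80 \
    flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, \
    overload <tcp_abusers> flush global)
```

Parse-check a ruleset like this with `pfctl -nf /etc/pf.conf` before loading it, and inspect the per-source tracking entries with `pfctl -s Sources`.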