I am trying to create these two ipfw rules:

deny all packets with an ack of zero

deny all tcp packets with no MSS specified

Can anyone show me the syntax to do that ?  Also, comments on bad things
that could happen if I put these in are appreciated.  AFAIK, the only
thing that can happen is that 1 in every 2^32 valid packets will be denied
by the ack zero rule, and that the second rule will not affect anything
except people using syn flood tools - since every valid tcp packet should
have a MSS, right ?


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to