> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Bryan Irvine > Sent: Wednesday, August 24, 2005 10:11 AM > To: Misc OpenBSD > Subject: Re: /usr/share/pf/ suggestion > > > I personally like to 'pass keep state' with a 'scrub all' rule. This > > at least gives me some interesting statistics to poke at when I'm > > bored. Plus, I can firewall who gets to ssh into my machine. > > Another good use is {max-src-states ##} for webservers and the like. > I have a webserver that would crash at 9am every morning when a few > bots (2 in particaular) would crawl the site. They are poorly > configured and open roughly 120 simlutaneous connections. They were > very low bandwidth, but there went all available connections. > > To quote Theo it's "Horse-shit" to say you don't need to filter single > hosts. > > --Bryan
What crashed? Apache or OpenBSD?