with Confusion about ipfw rules.
This is a situation where I thought I knew more than I
actually do. I set up a new domain name server with a
client-type firewall after having tested it first, but there is
nothing like hundreds of thousands of packets per hour to show
the weak spots.
I made
fbsd2 writes:
I use the sample ipfw rules with keep state as shown in the handbook
they do work fine. They just aren't meant for the kind of load
they were under. I needed to know how to get the same
functionality by other means.
If you use the keep-state directive, high traffic can
This is a situation where I thought I knew more than I
actually do. I set up a new domain name server with a
client-type firewall after having tested it first, but there is
nothing like hundreds of thousands of packets per hour to show
the weak spots.
I made the mistake of setting