From owner-freebsd-pf@FreeBSD.ORG  Sun Nov  9 11:07:26 2008
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 830E21065674
	for <freebsd-pf@freebsd.org>; Sun,  9 Nov 2008 11:07:26 +0000 (UTC)
	(envelope-from danger@FreeBSD.org)
Received: from services.rulez.sk (services.rulez.sk [92.240.234.125])
	by mx1.freebsd.org (Postfix) with ESMTP id 39B7A8FC2E
	for <freebsd-pf@freebsd.org>; Sun,  9 Nov 2008 11:07:26 +0000 (UTC)
	(envelope-from danger@FreeBSD.org)
Received: from localhost (services.rulez.sk [92.240.234.125])
	by services.rulez.sk (Postfix) with ESMTP id 6777613344A1;
	Sun,  9 Nov 2008 11:47:35 +0100 (CET)
X-Virus-Scanned: amavisd-new at rulez.sk
Received: from services.rulez.sk ([92.240.234.125])
	by localhost (services.rulez.sk [92.240.234.125]) (amavisd-new,
	port 10024)
	with ESMTP id paEVV9VgOWGc; Sun,  9 Nov 2008 11:47:34 +0100 (CET)
Received: from DANGER-PC (danger.mcrn.sk [84.16.37.254])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: danger@rulez.sk)
	by services.rulez.sk (Postfix) with ESMTPSA id 877661334493;
	Sun,  9 Nov 2008 11:47:34 +0100 (CET)
Date: Sun, 9 Nov 2008 11:47:20 +0100
From: Daniel Gerzo <danger@FreeBSD.org>
X-Mailer: The Bat! (v3.99.3) Professional
Organization: The FreeBSD Project
X-Priority: 3 (Normal)
Message-ID: <425228071.20081109114720@rulez.sk>
To: "Elvir Kuric" <omasnjak@gmail.com>
In-Reply-To: <1814bfe70811090137v39cd6434l49b545eb3b6eb88c@mail.gmail.com>
References: <1814bfe70811090137v39cd6434l49b545eb3b6eb88c@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: freebsd-pf@freebsd.org
Subject: Re: Blocking udp flood trafiic using pf, hints welcome
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Daniel Gerzo <danger@FreeBSD.org>
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Nov 2008 11:07:26 -0000

Hello Elvir,

Sunday, November 9, 2008, 10:37:29 AM, you wrote:

> My question would be, what are your experinces with battling against
> boring udp flooders ? Platform are FreeBSD / OpenBSD and all works
> like a charm except time to time, stupid udp flood atacks.

Ask your ISP to block UDP upfront, so that it won't hit you at all.
You probably don't need incomming UDP anyway...

-- 
Best regards,
 Daniel                            mailto:danger@FreeBSD.org