Date: Wed, 23 Jun 2010 21:18:35 +0200 From: no name <britneyfreek@googlemail.com> To: claudiu vasadi <claudiu.vasadi@gmail.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: can pf block a string ? or better, to limit it ? Message-ID: <7114830758496124649@unknownmsgid> In-Reply-To: <AANLkTima26GreX5jtmdJiR2FbNiB5O4ixN92oqxktTmb@mail.gmail.com> References: <AANLkTima26GreX5jtmdJiR2FbNiB5O4ixN92oqxktTmb@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
i can't recall it, was dc tcp or udp based? however, you could try to limit the number of possible connections in a specific time frame. using linux, you could even use the l7 ipfilter extension to inspect a packet's payload and do some limiting based on that. ... just some thoughts. --- =E2=80=9CYour time is limited, so don't waste it living someone else's life= . Don't be trapped by dogma - which is living with the results of other people's thinking. Don't let the noise of other's opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary.=E2=80=9D - Steve Jobs Am 23.06.2010 um 20:30 schrieb claudiu vasadi <claudiu.vasadi@gmail.com>: > Hello fellas, > > > system: freebsd 8.0 with pf > > > A couple of years ago I wanted to limit a string with pf and I could > not > find a way to do it. > > Back in the day, I was running a dc++ software on FreeBSD and the most > common way of flood was this "string attack". The idea was simple: > more than > "x" number of packages containing this "string" =3D dc++ software > stuck. I > remember a friend of mine was able to limit the number per second to > something but I was unable to do the same in pf. Back then I was using > FreeBSD6.2 but I can't find a way to do it even now. > > > Can someone shed some light ? Were you trying something similar ? > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7114830758496124649>