From owner-freebsd-security@FreeBSD.ORG Thu Aug 21 19:49:02 2008 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C3FE106567D for ; Thu, 21 Aug 2008 19:49:02 +0000 (UTC) (envelope-from hans@stare.cz) Received: from mail.czechdata.cz (mail.czechdata.cz [79.98.73.121]) by mx1.freebsd.org (Postfix) with ESMTP id C56D18FC16 for ; Thu, 21 Aug 2008 19:49:01 +0000 (UTC) (envelope-from hans@stare.cz) Received: from 172.17.4.37 ([172.17.4.37]) by mail.czechdata.cz (602LAN SUITE 2004) id 368e9307; Thu, 21 Aug 2008 21:36:12 +0200 Received: by www.stare.cz (Postfix, from userid 1000) id 8764630E1; Thu, 21 Aug 2008 21:36:09 +0200 (CEST) Date: Thu, 21 Aug 2008 21:36:09 +0200 From: Jan Stary To: Kevin Oberman Message-ID: <20080821193609.GA17896@www.stare.cz> References: <48ADA81E.7090106@aldan.algebra.com> <20080821184947.BDAE94500F@ptavv.es.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080821184947.BDAE94500F@ptavv.es.net> User-Agent: Mutt/1.4.2.3i Cc: Mikhail Teterin , freebsd-security@freebsd.org Subject: Re: machine hangs on occasion - correlated with ssh break-in attempts X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Aug 2008 19:49:02 -0000 > Should you want to continue with your own tool, at least for IPv4, > consider using tables rather than a raft of rules. With tables, you need > only a single rule and it is there at boot time. Also, you might want to consider switching to pf which this functionality built-in. Jan