Date: Mon, 14 Apr 1997 10:11:17 +0100 From: Anthony Barlow <tony@warp.co.uk> To: Eugeny Kuzakov <kev@l321.omsk.net.ru> Cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org Subject: Re: Firewalling large ICMP packets.. Message-ID: <3.0.1.32.19970414101117.006a1bd0@mail.warp.co.uk> In-Reply-To: <Pine.BSD.3.95.970414124611.17294B-100000@l321.omsk.net.ru> References: <Pine.BSF.3.95q.970414125316.413E-100000@obiwan.aceonline.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:49 14-04-97 +0700, Eugeny Kuzakov wrote: >On Mon, 14 Apr 1997, Adrian Chadd wrote: > >> Date: Mon, 14 Apr 1997 12:55:02 +0800 (WST) >> From: Adrian Chadd <adrian@obiwan.aceonline.com.au> >> To: Anthony Barlow <tony@warp.co.uk> >> Cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org >> Subject: Re: Firewalling large ICMP packets.. >> >> ipfw add deny icmp from any to any (or something like that) >> >> I'm trying to firewall large ICMP packets :) > >You may also deny all frag packets. In ipfilter by Darren Red it's simple. >May I right ? Sorry I wouldn't know. Our Filter (internet.in) looks like this deny 194.207.68.0/24 0.0.0.0/0 < Blocks spoofing attempts 68.0 is our NOC center's network permit tcp permit udp deny icmp < Block the Ping of Death etc. Regards, Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.1.32.19970414101117.006a1bd0>