From: Gardner Bell
Date: Thu, 25 Sep 2008 12:58:52 -0700 (PDT)
To: freebsd-ipfw@freebsd.org
Subject: rate limit syn
Message-ID: <92406.8902.qm@web88001.mail.re2.yahoo.com>
List-Id: IPFW Technical Discussions

Just a quick question: Does ipfw or dummynet have an option to rate limit the number of SYN packets sent to the same destination address and port number in, say, a 10 second period?
Or is net.inet.tcp_syncookies enough protection in the case of a SYN flood?

Gardner Bell