Date:      Sun, 30 Jul 2000 16:23:45 -0700 (PDT)
From:      "Jonathan M. Bresler" <jmb@hub.freebsd.org>
To:        stephen@math.missouri.edu
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: log with dynamic firewall rules
Message-ID:  <20000730232345.650D337B516@hub.freebsd.org>
In-Reply-To: <3984AB32.53B8D793@math.missouri.edu> (stephen@math.missouri.edu)


[snip]
> 
> All this bad behavior could be stopped by having a rule
> 
> add pass tcp from any to any established
> 
> before all the other rules, but in that case why have dynamic rules
> at all?

	UDP ?
	set your timeouts to match the behavior of your apps.

> 
> And you could also tinker with the default time outs.
> 
> But in the end I find that static rules are quite satisfactory
> for me.

jmb
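
Added example, not part of the original message and not ipfw code: a toy Python model of the trade-off discussed in this thread. It shows that a static `established` rule only inspects TCP flags (ACK or RST set), so it has no UDP equivalent, and that a dynamic rule lets a UDP reply through only while its state entry is still alive. The class names, addresses and lifetimes are constructed for illustration and are not ipfw's defaults.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    t: float                        # arrival time, seconds
    proto: str                      # "tcp" or "udp"
    src: tuple                      # (address, port)
    dst: tuple                      # (address, port)
    outbound: bool                  # True if leaving the protected host
    flags: frozenset = frozenset()  # TCP flags; always empty for UDP

class Filter:
    """Toy filter: optional static 'established' rule plus keep-state entries."""
    def __init__(self, lifetimes, static_established=False):
        self.lifetimes = lifetimes  # idle lifetime per protocol (assumed values)
        self.static_established = static_established
        self.state = {}             # flow key -> expiry time

    def check(self, p):
        # Static rule: any TCP packet with ACK or RST set passes; no state is consulted.
        if self.static_established and p.proto == "tcp" and p.flags & {"ACK", "RST"}:
            return "pass (static established)"
        key = (p.proto, frozenset((p.src, p.dst)))  # same key for both directions
        live = self.state.get(key, -1) > p.t
        if p.outbound or live:
            # Outbound traffic creates the entry; matching traffic refreshes it.
            self.state[key] = p.t + self.lifetimes[p.proto]
            return "pass (dynamic)"
        self.state.pop(key, None)   # expired or never created
        return "deny"

# Constructed sample endpoints (documentation address ranges).
HOST, DNS = ("192.0.2.10", 40000), ("198.51.100.53", 53)
STRANGER = ("203.0.113.7", 1234)

def udp_exchange(udp_lifetime):
    """Outbound query at t=0, then one reply at t=1 and one at t=30."""
    fw = Filter({"tcp": 300, "udp": udp_lifetime})
    pkts = [Packet(0, "udp", HOST, DNS, True),
            Packet(1, "udp", DNS, HOST, False),
            Packet(30, "udp", DNS, HOST, False)]
    return [fw.check(p) for p in pkts]

def unsolicited_inbound():
    """Inbound packets with no prior outbound traffic, static rule enabled."""
    fw = Filter({"tcp": 300, "udp": 10}, static_established=True)
    ack = Packet(0, "tcp", STRANGER, HOST, False, frozenset({"ACK"}))
    udp = Packet(0, "udp", STRANGER, HOST, False)
    return fw.check(ack), fw.check(udp)
```

With a 10-second UDP lifetime the reply at t=30 is denied; with 60 seconds it passes, which is the "match the behavior of your apps" tuning the reply refers to.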

