Date: Wed, 23 Jun 2010 21:30:39 +0200 From: claudiu vasadi <claudiu.vasadi@gmail.com> To: no name <britneyfreek@googlemail.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: can pf block a string ? or better, to limit it ? Message-ID: <AANLkTimN_9x-cQiF12bQdIjtHa7BjM6kMoEfsjcjcKLH@mail.gmail.com> In-Reply-To: <7114830758496124649@unknownmsgid> References: <AANLkTima26GreX5jtmdJiR2FbNiB5O4ixN92oqxktTmb@mail.gmail.com> <7114830758496124649@unknownmsgid>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 23, 2010 at 9:18 PM, no name <britneyfreek@googlemail.com>wrote: > i can't recall it, was dc tcp or udp based? > "dc" ???? The number of possible connections in a specific time frame does not help if I have ~200-500 authentications requests/sec and I get 100-300 attacks (D/DOS) per sec. I thought about that one long ago, and no matter on which side I turn the problem, I always end up at the "impossible to filter strings" wall. I know iptables can do it but a couple of months ago when I was asked to conf. a linux box I went completely mad trying to learn iptables's syntax (god it's ugly). This is why I would prefer to avoid linux here. Plus, I'm dealing with pf way longer than iptables and linux for that matter (it was ~6 years ago when I worked with linux last time)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimN_9x-cQiF12bQdIjtHa7BjM6kMoEfsjcjcKLH>