From owner-freebsd-net Thu Jun 27 11: 1:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from tp.databus.com (p72-186.acedsl.com [66.114.72.186]) by hub.freebsd.org (Postfix) with ESMTP id 3E83937B41E for ; Thu, 27 Jun 2002 11:01:05 -0700 (PDT) Received: from databus.com (localhost.databus.com [127.0.0.1]) by tp.databus.com (8.12.4/8.12.3) with ESMTP id g5RI14QZ005674; Thu, 27 Jun 2002 14:01:04 -0400 (EDT) (envelope-from barney@databus.com) Received: (from barney@localhost) by databus.com (8.12.4/8.12.4/Submit) id g5RI14vI005673; Thu, 27 Jun 2002 14:01:04 -0400 (EDT) Date: Thu, 27 Jun 2002 14:01:04 -0400 From: Barney Wolff To: Peter Brezny Cc: freebsd-net@FreeBSD.ORG Subject: Re: limiting directed broadcasts with ipfw. Message-ID: <20020627140104.A5456@tp.databus.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from pbrezny@purplecat.net on Thu, Jun 27, 2002 at 01:18:04PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Nothing automatic or shorthand, but add nnnn deny ip from any to x.y.z.255 (or whatever your broadcast is) will work just fine. On Thu, Jun 27, 2002 at 01:18:04PM -0400, Peter Brezny wrote: > I did a quick search through the man page, but didn't come up with anything > right off that looked like it could help mitigate smurf attacks similar to > the cisco: > no ip directed-broadcast > > feature. > > Is there a way? > > TIA > > Peter Brezny > Skyrunner.net > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Barney Wolff I never met a computer I didn't like. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message