From owner-freebsd-stable@FreeBSD.ORG Thu Jun 10 04:11:48 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC5AE16A4CE for ; Thu, 10 Jun 2004 04:11:48 +0000 (GMT) Received: from luskan.oddworld.com (luskan.oddworld.com [205.162.246.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8A50643D46 for ; Thu, 10 Jun 2004 04:11:48 +0000 (GMT) (envelope-from khoi@oddworld.com) Received: from hercules ([192.168.1.40]) by luskan.oddworld.com (Netscape Messaging Server 4.15) with ESMTP id HZ2RNN00.Q1Y for ; Wed, 9 Jun 2004 21:11:47 -0700 From: "Khoi Dinh" To: Date: Wed, 9 Jun 2004 21:11:46 -0700 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Thread-Index: AcROoQt1SKslG3hrTdy+2XMXzG5NpA== Message-ID: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Port scan detection in ipfw2 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: khoi@oddworld.com List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jun 2004 04:11:48 -0000 Hi All, This is a repost and I was hoping there might be a solution to this. I was wondering if ipfw2 has the ability to detect port scan like iptables with the psd module. I'm looking for a kernel-based solution, not app-based like portsentry. Also, is ipfw2 able to allow/disallow traffic according to time? ie. If I wanted to allow http traffic only from 9am to 1pm, can I do this with ipfw? I've been looking all over the net looking for a solution but haven't found one and was hoping that someone on the list could help me out, even if the answer is "no, there are no such kernel-based features." Thank you, Khoi