From owner-freebsd-net@FreeBSD.ORG  Fri Dec 14 00:24:03 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5CECD16A41A
	for <freebsd-net@FreeBSD.org>; Fri, 14 Dec 2007 00:24:03 +0000 (UTC)
	(envelope-from stefan.lambrev@moneybookers.com)
Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150])
	by mx1.freebsd.org (Postfix) with ESMTP id 1856713C448
	for <freebsd-net@FreeBSD.org>; Fri, 14 Dec 2007 00:24:02 +0000 (UTC)
	(envelope-from stefan.lambrev@moneybookers.com)
Received: by blah.sun-fish.com (Postfix, from userid 1002)
	id C7E701B10EFC; Fri, 14 Dec 2007 01:06:37 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on blah.cmotd.com
X-Spam-Level: 
X-Spam-Status: No, score=-10.6 required=5.0 tests=ALL_TRUSTED,BAYES_00
	autolearn=ham version=3.2.3
Received: from hater.haters.org (unknown [192.168.25.6])
	by blah.sun-fish.com (Postfix) with ESMTP id 80FDF1B10EBB
	for <freebsd-net@FreeBSD.org>; Fri, 14 Dec 2007 01:06:35 +0100 (CET)
Message-ID: <4761C90B.7000106@moneybookers.com>
Date: Fri, 14 Dec 2007 02:06:35 +0200
From: Stefan Lambrev <stefan.lambrev@moneybookers.com>
User-Agent: Thunderbird 2.0.0.9 (X11/20071120)
MIME-Version: 1.0
To: freebsd-net@FreeBSD.org
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV 0.91.2/5115/Thu Dec 13 18:46:23 2007 on blah.cmotd.com
X-Virus-Status: Clean
Cc: 
Subject: SYN Flood protection
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Dec 2007 00:24:03 -0000

Hi list,

On bridge firewall with PF can I do anything more then using
(source-track rule, max-src-conn-rate SS/ss, max-src-states X)
to protect servers&services behind it from SYN flood?

-- 

Best Wishes,
Stefan Lambrev
ICQ# 24134177