From owner-freebsd-net@FreeBSD.ORG Fri Jan 16 10:53:59 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 09A2C10658B0 for ; Fri, 16 Jan 2009 10:53:59 +0000 (UTC) (envelope-from dimitar.vassilev@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.239]) by mx1.freebsd.org (Postfix) with ESMTP id CB7F58FC20 for ; Fri, 16 Jan 2009 10:53:58 +0000 (UTC) (envelope-from dimitar.vassilev@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so1587074rvf.43 for ; Fri, 16 Jan 2009 02:53:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=5SkEnIHkOI/MG3nyEyIw9bpUATDTZZOSDWPSb1iCfXE=; b=dMP/UZA+LchKXQmDsN5fqFGgKKk6E/c+0O6xVwgMecmk+BXggBKvOOOeymmUl6GI9N gOJe5Mal7cIwvw9TCtW9WL1Q9em+aRELMguw7E1U07Ions7Fgvo+CjsUmGE6AgWEnHqx SN/thI3YeNpFynPHef6OJ9pKdFSWrrz8wgPBg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=BerhGvTXDRO7eZSVzYY8pmLHqwpr90u130ED9b78W+7pSlPYqZaWtAm953R2Nkzy9I VZTLcZUhNR1BNYeXoJbSk+JdtLGCsIIk3OxLmJCbkO/5lw6UL8q0Lamilfv+vB1pVGTg hBvTLBR6c2ob07i/kmyU92l/Ihl8jBy66W4rg= MIME-Version: 1.0 Received: by 10.142.238.4 with SMTP id l4mr271312wfh.98.1232103238551; Fri, 16 Jan 2009 02:53:58 -0800 (PST) In-Reply-To: References: Date: Fri, 16 Jan 2009 12:53:58 +0200 Message-ID: <59adc1a0901160253me54571cl1799cafbf9634273@mail.gmail.com> From: Dimitar Vasilev To: Vlad GALU Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org, Ivo Vachkov , Alexey Ivanov Subject: Re: TARPIT for pf/ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Jan 2009 10:54:00 -0000 see spamd for mail and you may use the don't peer list of sbl . 2009/1/16 Vlad GALU > This particular iptables module keeps the incoming connection up and > running, but it sends ACKs advertising a window size of 0 bytes, so > that the remote end can't send any data until the local process has > decided it's ok to do so. Basically it's used to slow down spammers > and worms. > > On Fri, Jan 16, 2009 at 11:31 AM, Ivo Vachkov > wrote: > > what does TARPIT do ? > > > > On Fri, Jan 16, 2009 at 11:20 AM, Alexey Ivanov wrote: > >> Is there any command identical to: > >> iptables -A INPUT -p tcp -m tcp -dport 80 -j TARPIT > >> > >> If no, does anyone ever tried to implement this feature? > >> > >> _______________________________________________ > >> freebsd-net@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >> > > > > > > > > -- > > "UNIX is basically a simple operating system, but you have to be a > > genius to understand the simplicity." Dennis Ritchie > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > > > -- > ~/.signature: no such file or directory > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >