Date: Mon, 20 Sep 2004 18:13:30 +0300
From: Giorgos Keramidas <keramida@freebsd.org>
To: adrian kok <adriankok2000@yahoo.com.hk>
Cc: questions@freebsd.org
Subject: Re: ipfw question
Message-ID: <20040920151330.GA59375@orion.daedalusnetworks.priv>
In-Reply-To: <20040920144325.57237.qmail@web21201.mail.yahoo.com>
References: <20040920144325.57237.qmail@web21201.mail.yahoo.com>

On 2004-09-20 22:43, adrian kok <adriankok2000@yahoo.com.hk> wrote:
>
> 1/ Recently, my mrtg graph showed many spikes
> "Incoming" in outer interface of the router.
>
> Is it possible to log them and check?
It is. A better approach is to block everything that you don't really
need and then start logging legitimate connections only if the problems
with ``traffic spikes'' continue.
> If I log everything, I am afraid to slow down the
> network. What is the best way to do it?
Don't do it. It will truly slow down things a lot.
> 2/ I read some firewall docs. They said that it is
> good to allow 5% bandwidth for icmp only
> Is it true?
I don't know what docs you read about firewalls. The Handbook has a
fairly good section on firewalls. Have you read that? If not, you
should definitely give it a look.
For an early chance to read what the ``Firewalls'' section will soon be
replaced with, you might also want to read this:
http://freebsd.so14k.com/firewall/firewalls.html
I'm working with a few other guys to get this into the Handbook as the
new ``Firewalls'' section before 5.3-RELEASE, but if it does help you
should definitely read it. Joseph J. Barbish has written a couple of
excellent firewall tutorials and guides that I've read so far, and this
one is really worth a careful read.
Just note that the text at the above URL is probably going to change a
bit during the next couple of days, so be patient if you see changes
going in :-)
> how can I do it?
See above.
Giorgos
