From: Chuck Swiger
To: Eugene Perevyazko
Cc: freebsd-net@freebsd.org
Subject: Re: TARPIT for pf/ipfw
Date: Fri, 16 Jan 2009 13:21:15 -0800

On Jan 16, 2009, at 3:50 AM, Eugene Perevyazko wrote:
> On Fri, Jan 16, 2009 at 12:20:21PM +0300, Alexey Ivanov wrote:
>> Is there any command identical to:
>> iptables -A INPUT -p tcp -m tcp --dport 80 -j TARPIT
>>
>> If not, has anyone ever tried to implement this feature?
>
> I'm thinking of implementing it in ipfw but it'll be a week or two later,
> when I will have some free time.

Note that net/honeyd and security/labrea offer somewhat similar functionality.

-- 
-Chuck