From owner-freebsd-isp Mon May 5 21:55:24 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id VAA14949 for isp-outgoing; Mon, 5 May 1997 21:55:24 -0700 (PDT) Received: from mail.MCESTATE.COM (mail.MCESTATE.COM [207.211.200.50]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA14944 for ; Mon, 5 May 1997 21:55:22 -0700 (PDT) Received: from localhost (vince@localhost) by mail.MCESTATE.COM (8.8.5/8.8.5) with SMTP id VAA05798; Mon, 5 May 1997 21:54:51 -0700 (PDT) Date: Mon, 5 May 1997 21:54:51 -0700 (PDT) From: Vincent Poy To: Alex Nash cc: Michael Slater , freebsd-isp@FreeBSD.ORG Subject: Re: Ping flood atacks In-Reply-To: <336EA384.6201DD56@mcs.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 5 May 1997, Alex Nash wrote: > Vincent Poy wrote: > > > > What about if we're running a FreeBSD based router using a ET/5025 > > Dual ported card and we wanted to filter out only packets larger than a > > certain sized for ICMP ping requests for any ping requests coming in the > > router? > > ipfw can't filter by packet size. Are you worried about the ping o' > death? FreeBSD is immune. Well not actually worried but it did happen a few times before and our provider being CRL had to like do something on their core router to stop it and they said it could be done on a Cisco router which is what we don't have. Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]