Date: Tue, 14 Sep 2004 14:52:03 -0400
From: "Eric W. Bates" <ericx_lists@vineyard.net>
To: freebsd-net@freebsd.org
Subject: To many dynamic rules created by infected machine
Message-ID: <41473DD3.7030007@vineyard.net>

Friends run an IT business and I helped build them a firewall using ipfw. The box has multiple interfaces; one of which is untrusted and it is where they put suspect machines (customer boxes with high likelihood of viruses and other evil Windoze ailments).

Their network is well protected; however there is now an inadvertent DOS when a particularly virulent machine performs a sweep attack on some block of IP, because we have a check-state/keep-state.

Sep 11 16:00:01 <kern.crit> hostname /kernel: ipfw: install_state: Too many dynamic rules

Is there a way to limit the number of rules a given host can create in x number of minutes?

Thanks for your time.

--
Eric W. Bates
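
Added example, not part of the original message and not ipfw's code: a simplified Python model of the failure described above, in which one sweeping source fills a shared dynamic-rule table so every other host is refused state, next to the same table with a per-source cap on concurrent states (the kind of bound ipfw's `limit src-addr N` rule option applies; it limits concurrent states, not a rate per minute). The class, table size, lifetime, probe rate and addresses are constructed assumptions.

```python
# Simplified model of a stateful firewall's dynamic-rule table (not ipfw source).
# All names and numbers here are constructed for illustration.
from collections import Counter

class DynTable:
    def __init__(self, dyn_max, lifetime, per_src_limit=None):
        self.dyn_max = dyn_max              # global cap on dynamic rules
        self.lifetime = lifetime            # seconds an idle state survives
        self.per_src_limit = per_src_limit  # None = plain keep-state behaviour
        self.states = {}                    # (src, dst) -> expiry time
        self.per_src = Counter()            # src -> live state count

    def _expire(self, now):
        for key in [k for k, exp in self.states.items() if exp <= now]:
            del self.states[key]
            self.per_src[key[0]] -= 1

    def install_state(self, src, dst, now):
        """Return (ok, reason) for a new flow src -> dst seen at time now."""
        self._expire(now)
        if (src, dst) in self.states:
            self.states[(src, dst)] = now + self.lifetime   # refresh existing state
            return True, "existing"
        if self.per_src_limit is not None and self.per_src[src] >= self.per_src_limit:
            return False, "per-source limit"                # only this source is refused
        if len(self.states) >= self.dyn_max:
            return False, "Too many dynamic rules"          # everyone is refused
        self.states[(src, dst)] = now + self.lifetime
        self.per_src[src] += 1
        return True, "installed"

def simulate(per_src_limit):
    """An infected host sweeps 10,000 addresses in 10 s, then a clean host connects."""
    table = DynTable(dyn_max=4096, lifetime=20, per_src_limit=per_src_limit)
    infected, clean = "192.0.2.66", "192.0.2.10"            # constructed addresses
    for i in range(10000):
        table.install_state(infected, f"10.0.{i // 256}.{i % 256}", now=i / 1000)
    ok, reason = table.install_state(clean, "198.51.100.5", now=10.0)
    return ok, reason, table.per_src[infected], len(table.states)

if __name__ == "__main__":
    print("keep-state only :", simulate(None))
    print("per-source cap  :", simulate(50))
```
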