From owner-freebsd-pf@FreeBSD.ORG Mon Jul 20 13:22:18 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D6D63106564A for ; Mon, 20 Jul 2009 13:22:18 +0000 (UTC) (envelope-from leccine@gmail.com) Received: from mail-ew0-f222.google.com (mail-ew0-f222.google.com [209.85.219.222]) by mx1.freebsd.org (Postfix) with ESMTP id 6226E8FC08 for ; Mon, 20 Jul 2009 13:22:18 +0000 (UTC) (envelope-from leccine@gmail.com) Received: by ewy22 with SMTP id 22so581102ewy.43 for ; Mon, 20 Jul 2009 06:22:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=lrQ3HJezztxL1GYlAQtMpU7FcUFAQdmoreArqyp/ovk=; b=Ox2+/wE10LKzVuwCRPFTPa9qlZDhE1JBE+7pp1TYTLHoOSx12XXijUbzIZTg4xaI/P zeOotHSPcr0E48MhWUHNA01cFIs1rI5Ra3iA/1jfphZtxtFeg+iG9a5fXGIm4YKXvKxd QsO7NkldcP/VrIvOUbCGifFPbh7+Z5Ev/bHM4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=jnBH1SJcHg8bgdsjy/0mnJDi0uBfk5N3HcrkJTums8zDksifNIVEJZgOfSzFr5RP92 bj50eHpRHwU4b34P4xuaMjQ7Qy8smrdpOeiOVHANTSEKDRJVUFLCG/V56QRZ4Bbr/OmZ uvk6cuupSW01rAgrh0riEACrHM455MD2y4iEk= MIME-Version: 1.0 Received: by 10.210.53.1 with SMTP id b1mr3657452eba.20.1248094572323; Mon, 20 Jul 2009 05:56:12 -0700 (PDT) In-Reply-To: <1B1238E1D957409EA47868C515354286@john> References: <1B1238E1D957409EA47868C515354286@john> Date: Mon, 20 Jul 2009 05:56:12 -0700 Message-ID: From: =?ISO-8859-1?B?SXN0duFu?= To: "John Dakos [ Enovation Technologies ]" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-pf@freebsd.org Subject: Re: Filtered Ports or Closed Ports ? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 13:22:19 -0000 are you talking about the block-policy? I think drop is better because if somebody is flooding you from fake addresses you are going to send out million packets to wrong targets. I vote for set block-policy drop Regards, Istvan On Mon, Jul 20, 2009 at 5:44 AM, John Dakos [ Enovation Technologies ] < gdakos@enovation.gr> wrote: > > > Hello All. > > > > Im newbie on PF , I install PF on FreeBSD 7.2 Released. > > > > I have a question, what is more secure for the system Filtered Ports or > Closed Ports? > > > > Thanks All > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > John Dakos > Network Administrator > Enovation Technologies > Filellinon 35, Chalandrion > 15232 Athens, GREECE > Tel: +30-210 8119784 > Mob: +30-6979348082 > > > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > -- the sun shines for all