From owner-freebsd-stable@FreeBSD.ORG Thu Sep 25 06:17:35 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 726DF16A4B3 for ; Thu, 25 Sep 2003 06:17:35 -0700 (PDT) Received: from rusunix.org (rusunix.org [195.162.58.254]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9CC6F43FFD for ; Thu, 25 Sep 2003 06:17:32 -0700 (PDT) (envelope-from aquatique@rusunix.org) Received: by rusunix.org (CommuniGay Pro, from userid 1111) id 290E11CBAE0; Thu, 25 Sep 2003 20:17:30 +0700 (OMSST) From: "Evgueni V. Gavrilov" To: freebsd-stable@FreeBSD.ORG In-Reply-To: <20030925094954.23240.qmail@web40401.mail.yahoo.com> X-Newsgroups: freebsd.stable User-Agent: tin/1.6.1-20030810 ("Mingulay") (UNIX) (FreeBSD/4.9-PRERELEASE (i386)) Message-Id: <20030925131730.290E11CBAE0@rusunix.org> Date: Thu, 25 Sep 2003 20:17:30 +0700 (OMSST) Subject: Re: how to prevent flood with ipfilter or ipfw2 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2003 13:17:35 -0000 In article <20030925094954.23240.qmail@web40401.mail.yahoo.com> of freebsd.stable group you wrote: DB> So, how can i avoid flood with ipfw2. 00010 check-state 00020 allow tcp from any to me 21,22,25,119,993 setup limit src-addr 2 in recv fxp0 of course you should decide yourself which ports you want to protect and how many connections you want to allow -- http://aquatique.rusunix.org