Date: Thu, 25 Apr 2002 16:52:53 -0400 (EDT)
From: "Rex A. Roof" <rex@gunjin.wccnet.org>
To: freebsd-ipfw@freebsd.org
Cc: rex@gunjin.wccnet.org
Subject: Putting in place an incoming sendmail limit
Message-ID: <200204252052.g3PKqrj0090391@gunjin.wccnet.org>
In order to prevent incoming DoS attacks via multiple sendmail connections, I've tried adding the following ipfw rule:

    allow tcp from any to any smtp limit src-addr 1

This works great, except that when it's triggered I get A LOT of messages like this:

    OUCH! cannot remove rule, count 1
    drop session, too many entries

over and over and over and over...

I've tried adding a 'log logamount 1' in there, no difference.

I've tried changing the following sysctl settings, with no luck:

    net.inet.ip.fw.debug
    net.inet.ip.fw.verbose
    net.inet.ip.fw.verbose_limit

I'd like to limit these incoming sendmail connections, but the amount of logging output it creates is a bit extreme. I tried setting this up and just using telnet to connect to the sendmail port, and a dozen or so messages are created in a few seconds, just with two telnet sessions from the same machine.

-Rex