From owner-freebsd-questions@FreeBSD.ORG Tue Jan 24 21:08:33 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7ABA916A41F for ; Tue, 24 Jan 2006 21:08:33 +0000 (GMT) (envelope-from jdow@earthlink.net) Received: from smtpauth01.mail.atl.earthlink.net (smtpauth01.mail.atl.earthlink.net [209.86.89.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id A21D543D48 for ; Tue, 24 Jan 2006 21:08:28 +0000 (GMT) (envelope-from jdow@earthlink.net) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=kzReF/qNuyOOFVENMuiogzem9XPxnwBUfP2Z93CuSSQJwBkj5u7bEnQ+4Uv5Fbco; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP; Received: from [71.116.164.67] (helo=kittycat) by smtpauth01.mail.atl.earthlink.net with asmtp (Exim 4.34) id 1F1VOt-0005gc-Fc; Tue, 24 Jan 2006 16:08:27 -0500 Message-ID: <052901c6212a$522ece20$1225a8c0@kittycat> From: "jdow" To: , "Peter N. M. Hansteen" References: <006001c61d47$973bccc0$1225a8c0@kittycat> <86ek2xa7eu.fsf@amidala.datadok.no> Date: Tue, 24 Jan 2006 13:08:26 -0800 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2670 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 X-ELNK-Trace: bb89ecdb26a8f9f24d2b10475b571120eedf00233ef7f63493a433339c1d3c5622665d5680fb1907350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 71.116.164.67 Cc: Subject: Re: How to tell if IPF is running? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jan 2006 21:08:33 -0000 Ack, it looks like it would limp through doing the simple job wanted. The good news is that I can make it work. The bad news is that it's apparently so much simpler with the Linux iptables facilities. I can see I have a bunch of reading to do before setting up to replace the firewall machine. Thanks. I like your tutorial. That will get me up with it faster. {^_^} Joanne ----- Original Message ----- From: "Peter N. M. Hansteen" > "jdow" writes: > >> Which tool would be able to do this sort of thing best and how might it >> have been done. > > PF has most of the bits you need built in, see eg > http://www.bgnett.no/~peter/pf/en/bruteforce.html (part of a PF > tutorial). > > For weeding out old table entries, you might want to look at > the expiretable utility (http://expiretable.fnord.se/).