Date: Sat, 26 Jan 2008 22:52:39 +0200 From: Stefan Lambrev <stefan.lambrev@moneybookers.com> To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no> Cc: freebsd-current@freebsd.org Subject: Re: FreeBSD 7, bridge, PF and syn flood = very bad performance Message-ID: <479B9D97.9080407@moneybookers.com> In-Reply-To: <86bq78nx9l.fsf@ds4.des.no> References: <479A2389.2000802@moneybookers.com> <86bq78nx9l.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Dag-Erling Smørgrav wrote: > Stefan Lambrev <stefan.lambrev@moneybookers.com> writes: > >> Does anyone try to see PF with "keep state" in action when under syn >> flood attack? >> > > Try "synproxy state" instead of "keep state". > > DES > From man pf.conf - Rules with synproxy will not work if pf(4) operates on a bridge(4). My short experience from today shows that synproxy can't handle syn flood with random source IP - 150kpps, but I'll test this after few days.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?479B9D97.9080407>