Date: Thu, 10 Jun 2004 09:30:12 -0400 From: Paul Mather <paul@gromit.dlib.vt.edu> To: Don Bowman <don@sandvine.com> Cc: freebsd-stable@freebsd.org Subject: RE: Port scan detection in ipfw2 Message-ID: <1086874211.9393.32.camel@zappa.Chelsea-Ct.Org> In-Reply-To: <FE045D4D9F7AED4CBFF1B3B813C85337051D8F53@mail.sandvine.com> References: <FE045D4D9F7AED4CBFF1B3B813C85337051D8F53@mail.sandvine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2004-06-10 at 08:46, Don Bowman wrote:
> There was a patch to ipfw posted last year that gave time
> to rules.
Interesting. Does the rule processing of the patch burden all packets
with an extra check (for time validity), or just those with a time
restraint on the rule? I wonder, also, how "keep-state" rules are
handled. Are the time constraints of the "keep-state" rule included
with the dynamic rule created from it? (If not, that would mean a
packet could be allowed in violation of its time constraint?)
Does the syntax of time specification use the local time zone, and, if
so, what happens during the switch between daylight savings... ;-)
Cheers,
Paul.
--
e-mail: paul@gromit.dlib.vt.edu
"Without music to decorate it, time is just a bunch of boring production
deadlines or dates by which bills must be paid."
--- Frank Vincent Zappa
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1086874211.9393.32.camel>