OpenBSD Security Functionally paranoid!
pf: Does pf have the ability to src-track created/established connections?
I'm having a bit of trouble with my firewall: an attacker has been able to spoof my address and is attacking my LAN computer. I have antispoof rules in my pf.conf, but they have gotten around them. So I'm thinking that if I can't stop them, at least I can limit them. I have stateful tracking options on ssh and Apache, but the attacker is using an already established connection (like that created by a web browser [<my.ip.address>:54535]) and doing unicode point attacks. My stateful tracking options are as follows:
Code:
WAN_STO="(max 5, source-track rule, max-src-states 5, max-src-conn 10, max-src-nodes 10, max-src-conn-rate 5/30, overload <blockedip> flush global)"