|
|
|||||||
| OpenBSD Security Functionally paranoid! |
|
|
Thread Tools | Display Modes |
27th February 2009
|
|||
|
|||
pf: Does pf have the ability to src-track created/established connections?
I'm having a bit of a trouble with my firewall, an attacker has been able to spoof my address and is attacking my lan computer. I have antispoof rules in my pf.conf but they have gotten around them. So I'm thinking if I can't stop them, at least I can limit them. I have stateful tracking options on ssh, and apache but the attacker is using an already established connection (like that created by a web browser [<my.ip.address>:54535]) and doing unicode point attacks. My stateful tracking options are such:
Code:
WAN_STO="(max 5, source-track rule, max-src-states 5, max-src-conn 10, max-src-nodes 10, max-src-conn-rate 5/30, overload <blockedip> flush global)" 
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| track current kernel | itti | NetBSD Installation and Upgrading | 8 | 11th December 2008 06:09 PM |
| Serial connections | JMJ_coder | General software and network | 9 | 25th July 2008 03:28 PM |
| Problems with multiple ISP connections | ebzzry | FreeBSD General | 2 | 1st July 2008 11:32 PM |
| More tcp connections | tad1214 | FreeBSD General | 8 | 5th June 2008 03:05 PM |
| OpenVPN - Problem with connections | MME | General software and network | 2 | 26th May 2008 06:42 PM |
Threaded Mode