can pf block a string ? or better, to limit it ?

no name britneyfreek at googlemail.com
Wed Jun 23 19:18:51 UTC 2010


I can't recall it, was DC TCP or UDP based?
However, you could try to limit the number of possible connections in
a specific time frame.
Using Linux, you could even use the l7 ipfilter extension to inspect a
packet's payload and do some limiting based on that.

... just some thoughts.

---
“Your time is limited, so don't waste it living someone else's life.
Don't be trapped by dogma - which is living with the results of other
people's thinking. Don't let the noise of other's opinions drown out
your own inner voice. And most important, have the courage to follow
your heart and intuition. They somehow already know what you truly
want to become. Everything else is secondary.”
- Steve Jobs

On 23.06.2010 at 20:30, claudiu vasadi
<claudiu.vasadi at gmail.com> wrote:

> Hello fellas,
>
>
> system: freebsd 8.0 with pf
>
>
> A couple of years ago I wanted to limit a string with pf and I could not
> find a way to do it.
>
> Back in the day, I was running a dc++ software on FreeBSD and the most
> common way of flood was this "string attack". The idea was simple: more
> than "x" number of packages containing this "string" = dc++ software
> stuck. I remember a friend of mine was able to limit the number per
> second to something but I was unable to do the same in pf. Back then I
> was using FreeBSD 6.2 but I can't find a way to do it even now.
>
>
> Can someone shed some light ? Were you trying something similar ?
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
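
The connection limiting suggested in the reply above, written as a pf.conf fragment. This is an added example, not part of the original thread. pf matches on packet headers and connection state rather than payload, so it limits per-source connections instead of matching the string. The interface name `em0`, TCP port 411 for the hub, the table name and the numeric limits are assumptions to adjust.

```pf
# Added example (constructed). Interface, port and limits are assumptions.
ext_if  = "em0"     # assumed external interface
dc_port = "411"     # assumed TCP port the DC hub listens on

# pf adds a source address here when it exceeds the limits below.
table <dc_flooders> persist

# Drop traffic from known flooders before any pass rule can match.
block in quick on $ext_if from <dc_flooders>

# Per-source limits on the hub port:
#   max-src-conn 10         at most 10 simultaneous connections per source
#   max-src-conn-rate 5/10  at most 5 new connections per 10 seconds
#   overload <dc_flooders>  put a source that exceeds either limit in the table
#   flush global            and kill every state that source already holds
#
# Caveats:
# - These options only count TCP connections that completed the three-way
#   handshake. For UDP, max-src-states is the per-source limit to use instead.
# - The limits count connections, not messages. A client that floods inside
#   one established connection is not slowed down by this rule.
pass in on $ext_if proto tcp from any to ($ext_if) port $dc_port \
    flags S/SA keep state \
    (max-src-conn 10, max-src-conn-rate 5/10, \
     overload <dc_flooders> flush global)
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it, and list the addresses pf has blocked with `pfctl -t dc_flooders -T show`.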

