pf vs. RST attack question
Scott Bennett
bennett at cs.niu.edu
Sun Oct 5 17:53:27 UTC 2008
I'm getting a lot of messages like this:
Oct 4 14:30:00 hellas kernel: Limiting closed port RST response from 250 to 200 packets/sec
Is there some rule I can insert into /etc/pf.conf to reject these apparently
invalid RST packets before they can bother TCP? At the same time, I do not
want to reject legitimate RST packets.
Thanks in advance for any clues!
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************
More information about the freebsd-questions mailing list