Can pf dynamically close connections
Giovanni P. Tirloni
gpt at tirloni.org
Thu Aug 4 17:40:11 GMT 2005
BB wrote:
> If a host is sending packets on ports that aren't even open, can it
> temporarily close all connections to this host?
I don't think this is a task pf itself should do, but you can implement
something to monitor connection attempts on closed ports and then
inspect pf's state table (pfctl -s state) and remove it (pfctl -k).
Do you want something like PortSentry? Someone could spoof those
attempts and create a DoS on something you don't want to block.
--
Giovanni P. Tirloni
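
Added example, not part of the original message or of pf itself: a dry-run sketch of the monitoring approach the reply describes, with an allowlist and a hit threshold to limit the spoofing-induced DoS it warns about. The log format, `ALLOWLIST`, `THRESHOLD` and the function names are assumptions made for illustration; the sample lines are constructed.

```sh
#!/bin/sh
# Added example: dry-run only, prints pfctl commands instead of running them.
# ALLOWLIST and THRESHOLD are assumed names and values for this sketch.
ALLOWLIST="192.0.2.53 192.0.2.10"  # hosts that must never be cut off
THRESHOLD=3                         # blocked attempts needed before acting

# Constructed sample lines, loosely modelled on tcpdump output of pf's log.
sample_log() {
cat <<'EOF'
rule 0/0(match): block in on em0: 203.0.113.5.40001 > 198.51.100.1.23: S
rule 0/0(match): block in on em0: 203.0.113.5.40002 > 198.51.100.1.111: S
rule 0/0(match): block in on em0: 203.0.113.5.40003 > 198.51.100.1.445: S
rule 0/0(match): block in on em0: 192.0.2.53.1053 > 198.51.100.1.9: S
rule 0/0(match): block in on em0: 192.0.2.53.1054 > 198.51.100.1.19: S
rule 0/0(match): block in on em0: 192.0.2.53.1055 > 198.51.100.1.79: S
rule 0/0(match): block in on em0: 198.51.100.77.5000 > 198.51.100.1.23: S
rule 1/0(match): pass in on em0: 203.0.113.9.5001 > 198.51.100.1.22: S
EOF
}

# Read log lines on stdin; print "pfctl -k <src>" for each source that hit
# blocked ports at least THRESHOLD times and is not on the allowlist.
kill_candidates() {
    awk -v allow="$ALLOWLIST" -v min="$THRESHOLD" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        / block in / {
            for (i = 2; i <= NF; i++) if ($i == ">") {
                src = $(i - 1)
                sub(/\.[0-9]+$/, "", src)    # drop the trailing source port
                if (!(src in skip)) hits[src]++
            }
        }
        END { for (s in hits) if (hits[s] >= min) print "pfctl -k " s }
    ' | sort
}

# Review the printed commands before running any of them as root.
sample_log | kill_candidates
```

The allowlisted address stands in for a spoofed source: it crosses the threshold but produces no command.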