Bridging Firewall Machine Questions
Olivier Nicole
on at cs.ait.ac.th
Thu Jan 26 17:42:58 PST 2006
> I've also had problems with the bridge running out of dynamic rules. I've
> raised them to silly figures however I'm always wary that if a machine had a
> Trojan or some other form of malware that attempted a DoS attack, the bridge
> would probably fall over after exhausting its dynamic rule count and cause
I beleive other firewall solution (iptable or ipchain whatever is the
newest) have rate limiting for specific kind of traffic, so this
should prevent DoS, but as far as I remember ipfw has no such feature.
Olivier
More information about the freebsd-questions
mailing list