Bridging Firewall Machine Questions

Olivier Nicole on at
Thu Jan 26 17:42:58 PST 2006

> I've also had problems with the bridge running out of dynamic rules. I've
> raised them to silly figures however I'm always wary that if a machine had a
> Trojan or some other form of malware that attempted a DoS attack, the bridge
> would probably fall over after exhausting its dynamic rule count and cause

I beleive other firewall solution (iptable or ipchain whatever is the
newest) have rate limiting for specific kind of traffic, so this
should prevent DoS, but as far as I remember ipfw has no such feature.


More information about the freebsd-questions mailing list