Sanity-check for my (working) ipfw rules please...
Chuck Swiger
cswiger at mac.com
Mon Jul 10 23:14:16 UTC 2006
Ensel Sharon wrote:
[ ... ]
> Two questions: is it appropriate to have line 01000 above all of my
> bad-behavior lines ?
"established" means "ACK and not SYN", basically. Your "bad behavior" rules
wouldn't really match anything which matches established, but it's probably
better to block known-bad stuff earlier on.
However, it's not the same thing as stateful tracking, which you might want to
consider using depending on what you're doing...
--
-Chuck
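
The difference between an "established" match and stateful tracking, as an added example that is not part of the original message and is not ipfw code. It is a simplified model: the stateless policy (pass established packets plus anything outbound), the `Pkt` record, the `StateTable` class and the sample traffic are all constructed assumptions, and the state table ignores timeouts and sequence numbers.

```python
from collections import namedtuple

SYN, RST, ACK = 0x02, 0x04, 0x10  # TCP flag bits

# Constructed packet record: direction is "out" (from our host) or "in".
Pkt = namedtuple("Pkt", "direction src sport dst dport flags")

def matches_established(pkt):
    """Stateless test: ipfw(8) documents 'established' as RST or ACK bit set."""
    return bool(pkt.flags & (ACK | RST))

class StateTable:
    """Simplified model of keep-state / check-state (hypothetical helper)."""
    def __init__(self):
        self.flows = set()

    @staticmethod
    def _key(pkt):
        # Same key for both directions of one connection.
        return frozenset([(pkt.src, pkt.sport), (pkt.dst, pkt.dport)])

    def keep_state(self, pkt):
        """Record a flow when our host opens a connection (outbound SYN, no ACK)."""
        if pkt.direction == "out" and pkt.flags & SYN and not pkt.flags & ACK:
            self.flows.add(self._key(pkt))
            return True
        return False

    def check_state(self, pkt):
        return self._key(pkt) in self.flows

def evaluate(packets):
    """Return (description, stateless verdict, stateful verdict) per packet."""
    table, results = StateTable(), []
    for desc, pkt in packets:
        stateless = matches_established(pkt) or pkt.direction == "out"
        stateful = table.check_state(pkt) or table.keep_state(pkt)
        results.append((desc, stateless, stateful))
    return results

# Constructed traffic using RFC 5737 documentation addresses.
SAMPLE = [
    ("outbound SYN", Pkt("out", "192.0.2.10", 40000, "198.51.100.5", 80, SYN)),
    ("reply SYN+ACK", Pkt("in", "198.51.100.5", 80, "192.0.2.10", 40000, SYN | ACK)),
    ("inbound ACK, no connection", Pkt("in", "203.0.113.9", 4444, "192.0.2.10", 22, ACK)),
    ("inbound SYN, no connection", Pkt("in", "203.0.113.9", 4445, "192.0.2.10", 22, SYN)),
]

if __name__ == "__main__":
    for desc, stateless, stateful in evaluate(SAMPLE):
        print(f"{desc:28} established-rule={stateless!s:5} state-table={stateful}")
```

The third sample packet is the case that separates the two approaches: it carries ACK, so the flag test passes it, but no flow was ever recorded for it, so the state table does not.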