pf to block against DDoS?

Redd Vinylene reddvinylene at gmail.com
Mon Sep 22 11:59:11 UTC 2008


On Mon, Sep 22, 2008 at 10:36 AM, Lars Noodén <larsnooden at openoffice.org> wrote:

> Redd Vinylene wrote:
> >> ...
> >> You can also use two tables so that the first overload gets shunted to a
> >> slow queue and given a second chance before ending up in the second
> >> table which gets blocked.
> > ...
> > Lars Noodén: Would you happen to have an example of that?
>
> Not really, here is an illustration of how it might be approached:
>
>  http://www-personal.umich.edu/~lars/PF/pf.ssh-2tables.conf
>
> I expect that the last-rule-matched takes care of the decision.  The
> However, there might be some divergence between what I think it does and
> what it really does.
>
> Another question is, in which cases is that useful?
>
> Regards
> -Lars
>

This has been a very interesting example, Lars. Thanks a lot for sharing!

As for your last question though, I think I know what you mean. It is to
say, should a rapist really be given a second chance?

-- 
http://www.home.no/reddvinylene
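
The two-table approach discussed in this thread, as an added sketch that is not part of the original messages and is not the contents of the linked pf.ssh-2tables.conf. The interface name, table and queue names, bandwidth figures and rate limits are all assumed values, and the ALTQ lines assume a kernel built with ALTQ support.

```pf
# Added example: two-stage overload handling for SSH.
# All names and numbers below are assumptions chosen for illustration.
ext_if = "em0"

# Stage 1: sources that exceeded the normal rate once (throttled).
table <ssh_slow> persist
# Stage 2: sources that exceeded the rate again while throttled (dropped).
table <ssh_blocked> persist

# One normal queue and one deliberately narrow queue.
altq on $ext_if cbq bandwidth 10Mb queue { q_std, q_slow }
queue q_std  bandwidth 90% cbq(default)
queue q_slow bandwidth 10%

# Default deny inbound.
block in on $ext_if all

# "quick" stops evaluation here, so blocked sources never reach
# the pass rules below.
block in quick on $ext_if from <ssh_blocked>

# Normal sources: the first overload moves the source into <ssh_slow>.
pass in on $ext_if proto tcp from any to any port ssh \
    flags S/SA keep state \
    (max-src-conn-rate 5/30, overload <ssh_slow>) \
    queue q_std

# Throttled sources: without "quick" the last matching rule wins, so a
# source in <ssh_slow> matches this rule instead of the one above.
# Replies to it leave through the narrow queue; a second overload moves
# it to <ssh_blocked> and flushes its existing states.
pass in on $ext_if proto tcp from <ssh_slow> to any port ssh \
    flags S/SA keep state \
    (max-src-conn-rate 5/30, overload <ssh_blocked> flush global) \
    queue q_slow
```

The ruleset can be syntax-checked without loading it using `pfctl -nf` on the file, and the table contents inspected with `pfctl -t ssh_slow -T show` and `pfctl -t ssh_blocked -T show`.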


More information about the freebsd-questions mailing list