Sten Spans wrote:
What about:
ipfw add allow tcp from evil/24 to any port 445 setup limit src-addr 4 ipfw add allow tcp from evil/24 to any port 139 setup limit src-addr 4
To limit the amount of evil connections, place above the regular keep-state rule.
That looks good. I should have RTFM.
Is it reasonable to try something like:
ipfw add allow tcp from evil/24 to any dst-port 80 setup limit src-addr 100
Anyone ever figured out what the average/max number of simultaneous dynamic rules needed to support an http session?
I'm not going to allow the 137-139,445 ports out (no need for file sharing when repairing these things). But I'm going to have to allow 80, 443, whatever Norton, spybot, adaware, etc. use for their database updates.
----
The default (FBSD 4.9, ipfw 2) number of rules max seems to be 4096.
net.inet.ip.fw.dyn_max: 4096
Is it reasonable to pump this number up?
-- Eric W. Bates _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
