BB wrote:
If a host is sending packets on ports that aren't even open, can it temporarily close all connections to this host?
I don't think this is a task pf itself should do, but you can implement something to monitor connection attempts on closed ports and then inspect pf's state table (pfctl -s state) and remove it (pfctl -k).
Do you want something like PortSentry? Someone could spoof those attempts and create a DoS on something you don't want to block.
-- Giovanni P. Tirloni
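
The approach described in the reply above, as an added example that is not part of the original message: a dry-run script that counts distinct closed ports per source, skips allowlisted hosts (the guard against the spoofing DoS the reply warns about), and prints the `pfctl -k` commands for review. The "SRC_IP DST_PORT" input format, the threshold, the allowlist and all addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: dry run of "watch closed ports, then pfctl -k".
# Input format (an assumption): one "SRC_IP DST_PORT" pair per line, taken
# from whatever already logs packets that arrived on closed ports.

THRESHOLD=3                        # distinct closed ports before acting
ALLOWLIST="192.0.2.1 192.0.2.53"   # constructed: hosts that must never be cut off

# Constructed sample data (documentation address ranges).
sample_attempts() {
cat <<'EOF'
203.0.113.7 23
203.0.113.7 135
203.0.113.7 445
203.0.113.7 445
198.51.100.9 8080
192.0.2.53 21
192.0.2.53 22
192.0.2.53 23
192.0.2.53 25
EOF
}

# Print sources that hit >= THRESHOLD distinct closed ports and are not
# allowlisted. Repeats of one port count once. Fields that are not a plain
# IPv4 address and numeric port are dropped, because the result ends up
# on a root command line.
offenders() {
    awk -v min="$THRESHOLD" -v allow="$ALLOWLIST" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        NF == 2 && $1 ~ /^[0-9.]+$/ && $2 ~ /^[0-9]+$/ &&
            !(($1 SUBSEP $2) in seen) { seen[$1, $2] = 1; ports[$1]++ }
        END { for (s in ports) if (ports[s] >= min && !(s in skip)) print s }
    ' | sort
}

# Emit the commands instead of running them, so they can be reviewed first.
kill_commands() {
    offenders | while read -r src; do
        printf 'pfctl -k %s\n' "$src"
    done
}

sample_attempts | kill_commands
```

In the sample, 192.0.2.53 touches four closed ports but is allowlisted, so only 203.0.113.7 is listed; a spoofed burst claiming an allowlisted address cannot get that host cut off.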