Hello,

I would like to block ICMP and UDP flooders who exceed a reasonable number.

#- Rate Limit UDP (150 per host)
pass proto udp to any port $udp_services keep state
pass in quick proto udp from any to any \
    keep state \
    (max-src-conn 1, max-src-states 151, \
    overload <DDoS> flush global)

#- Rate Limit ICMP (10 per host)
pass in quick proto icmp from any to any \
    keep state \
    (max-src-conn 1, max-src-states 11, \
    overload <DDoS> flush global)

Comments?

--
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf