[EMAIL PROTECTED] wrote:
My only question is what if I traceroute to you, find out the IP number of your
upstream router? Then I make a bunch of connection attempts to your IP but
forge the packets to make them look like they came from your upstream. Don't
*you* end up blacklisting your default route and you become 'so long suckah'd?
--ja
That's how I handle this type of annoyance:
http://data.homeip.net/projects/ssh_wall.php
Of course, YMMV.
Ciao.
Add a "quick pass" rule for your upstream router before the max-src-conn
foo.
