> > if it ever needs more than 64Kbit/s, it is an attack...
> >
> > This seems to work, but when I try to ping something outised the
> > network, the ping time is around 10 msec. Without the above piping, it
> > is around 0.5 msec. It is the bandwidth, that I'm trying to limit, not
>
[EMAIL PROTECTED] wrote:
>
> Trying to protect our network from ICMP-based attacks, I added the
> following rules to the firewall:
>
> pipe 1 config bw 64Kbit/s
> add pipe 1 log icmp from any to any in via OIF
> add allow icmp from any to any
>
> (OIF is
Trying to protect our network from ICMP-based attacks, I added the
following rules to the firewall:
pipe 1 config bw 64Kbit/s
add pipe 1 log icmp from any to any in via OIF
add allow icmp from any to any
(OIF is the Outside InterFace)
The assumption is, t
