Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread Josh Brooks
My goal is to protect my FreeBSD firewall. As I mentioned, now that I have closed off everything to the victim except the ports he is actually running services on, everything is great! The firewall is just fine - even during a big syn flood, because it just drops all the packets that aren't goin

ipnat and ipf interaction precisions

2003-01-10 Thread jeremie le-hen
Hi, I'm trying to block a single IP address which belongs to my private nated network. Here is my ipnat.rules: --- map tun0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp map tun0 192.168.0.0/24 -> 0/32 --- and a summary of my ipf.rules: --- # Allow loopback traffic pass in quick on lo0 all pass

Re: freebsd 4.7-stable kernel gre tunnel support for squid's wccpcisco interaction

2003-01-10 Thread gokhan eryol
On Wed, 11 Dec 2002, Helge Oldach wrote: > Gokhan Eryol: > > I upgraded /usr/src from 4.7-RELEASE to 4.7-STABLE by cvs and trying > > to compile it for transparent web-caching with squid (wccp support). I > > tried the steps described in > > http://www.squid-cache.org/Doc/FAQ/FAQ-17.html as I did

Docco patch for review

2003-01-10 Thread Tony Finch
There seems to be a slight lacuna in the signal documentation: --- src/lib/libc/gen/signal.3 19 Dec 2002 09:40:21 - 1.32 +++ src/lib/libc/gen/signal.3 10 Jan 2003 16:03:16 - @@ -187,7 +187,9 @@ and during a .Xr ioctl 2 or -.Xr wait 2 . +.Xr wait 2 +or any other system call whos
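Review bot: The replacement line `.Xr wait 2` drops the trailing `.` argument that the removed `.Xr wait 2 .` carried, so the sentence no longer ends at the cross-reference and its closing period has to come at the end of the added text. The added text is cut off here after "whos", so confirm that the new sentence still ends with a period and that the two added lines match the 7-to-9 line count in the `@@ -187,7 +187,9 @@` header.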

Re: Docco patch for review

2003-01-10 Thread Bruce Evans
On Fri, 10 Jan 2003, Tony Finch wrote: > There seems to be a slight lacuna in the signal documentation: > > --- src/lib/libc/gen/signal.3 19 Dec 2002 09:40:21 - 1.32 > +++ src/lib/libc/gen/signal.3 10 Jan 2003 16:03:16 - > @@ -187,7 +187,9 @@ > and during a > .Xr ioctl 2 > or > -.X

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread Josh Brooks
Ok, understood - but the point is, at some point the attackers are going to realize that their syn floods are no longer hurting me ... and regardless of what they conclude from this, what is the standard "next step" ? If they are just flooders/packeteers, what do they graduate to when syn flood

Re: when are mbuf clusters released?

2003-01-10 Thread Mike Silbersack
Urk, this message got stuck in my drafts folder, sorry for the delay. On Thu, 2 Jan 2003, Jeff Behl wrote: > Thanks for the info. Could you explain how mbuf clusters and mbufs are > related? I'd like to better understand how we can run out of one and > not the other. Also, is there an upper v

Why we need SACK

2003-01-10 Thread Julian Elischer
The internet is becoming a rather horrid place for packets sometimes.. Here's a trace. In this case SACK would have been a true blessing... Is there anyone considering looking at the various SACK implementations to see if one might be fixed enough to be imported? (these were two 4.5 (+-) machines)

Re: Why we need SACK

2003-01-10 Thread Jeffrey Hsu
It's high up on my list of things to do, after locking up the networking stack, fixing NewReno, and adding hardware TCP segmentation off-loading. Jeffrey

Re: Why we need SACK

2003-01-10 Thread Julian Elischer
Sorry guys I don't know why this ^$%#^# mail program encodes plain text files as Java.. will resend.. On Fri, 10 Jan 2003, Julian Elischer wrote: > The internet is becoming a rather horrid place for packets sometimes.. > Here's a trace. In this case SACK would have been a true blessing... > >

Why we need SACK (resend)

2003-01-10 Thread Julian Elischer
The internet is becoming a rather horrid place for packets sometimes.. Here's a trace. In this case SACK would have been a true blessing... Is there anyone considering looking at the various SACK implementations to see if one might be fixed enough to be imported? (these were two 4.5 (+-) machines)

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread .
IMHO it is almost impossible to touch properly configured router without open services on it. I have a great experience of wars with above 3000 users of my nets over ethernet. Every my lose was for hardware error of switch or ethernet port or configuration error. Optimize ipfw for speed, do not

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread Josh Brooks
Well, my "router" is the freebsd machine - celeron 500 and 256 megs. Where would you suggest doing bandwidth counts for all of my IPs if I don't use ipfw count rules at the firewall/router ? And also thank you very much - I am very happy to hear that you think a freebsd firewall/router will not

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread .
> Well, my "router" is the freebsd machine - celeron 500 and 256 megs. > > Where would you suggest doing bandwidth counts for all of my IPs if I > don't use ipfw count rules at the firewall/router ? I use argus. It is not so comfortable for traffic accounting. It is used for the second role - traf

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread Josh Brooks
What would you run on a different server to do traffic estimation ? How would you do such a thing ? thanks. On Sat, 11 Jan 2003 [EMAIL PROTECTED] wrote: > > Well, my "router" is the freebsd machine - celeron 500 and 256 megs. > > > > Where would you suggest doing bandwidth counts for all of my

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread .
> > What would you run on a different server to do traffic estimation ? How > would you do such a thing ? I use argus 1.8 and my package http://free.babolo.ru/src/traf-tools-0.14.tar.gz as part of ISPMS/ISPDB http://free.babolo.ru/ports/ispms/ traf-tools has free license ISPMS/ISPDB - for non

Re: What is my next step as a script kiddie ? (DDoS)

2003-01-10 Thread .
> > > > What would you run on a different server to do traffic estimation ? How > > would you do such a thing ? > I use argus 1.8 and my package > > http://free.babolo.ru/src/traf-tools-0.14.tar.gz You can use http://free.babolo.ru/src/binfout-0.02.tar.gz for easy and flexible parsing binary o