Hello.
2nd message to this list because from my first subscription I get:
delivery 328: deferral:
69.147.83.52_does_not_like_recipient./Remote_host_said:_450_4.7.1_:_Recipient_address_rejected:_Service_is_unavailable/Giving_up_on_69.147.83.52./
I'm trying to set up an ftp-proxy (pftpx) with PF.
Hello.
I'm trying to set up an ftp-proxy (pftpx) with PF.
I have set up the nat anchors and rdr in pf.conf.
My setup:
+----------+
| INTERNET |
+----------+
     |
     |
     |
+----------+
|    PF    |
|  pftpx   |
+----------+
     |
     |
     |
+----------+
|  PRFTPD  |
+----------+
The client in internet: 52.
On Tue, 14 Jul 2009 01:22:06 +0100
Peter Maxwell wrote:
> Can you post the output of: pfctl -s r
# pfctl -sr
scrub in all random-id fragment reassemble
block drop log (all) all
block drop in on sk0 inet proto icmp all icmp-type echoreq
block drop out log (all) quick on sk0 from any to
block dr
Below is a packet filter snippet from my config file:
block drop log quick from
...
pass in quick on $ext_if proto tcp from any to port 80 flags S/SA keep
state (max-src-conn 80, max-src-conn-rate 200/2, overload flush global)
pass out quick on $int_if proto tcp from any to port 80 flags
Greetings,
I am currently attempting to mitigate a DDoS attack on our network that is
comprised mainly of bogus DNS requests. The attacks seem to be coming in
waves of DNS queries on our internal systems.
I have tried several different ways of mitigating this, one of which is to
queue the DNS t
Comments inline...
2009/7/14 Aleksic Predrag :
> On Tue, 14 Jul 2009 01:22:06 +0100
> Peter Maxwell wrote:
>
> > Can you post the output of: pfctl -s r
>
> # pfctl -sr
> scrub in all random-id fragment reassemble
> block drop log (all) all
> block drop in on sk0 inet proto icmp all icmp-type ec
Hi
It is a common problem and can best be prevented by configuring your DNS server
to limit recursion (lookup requests of non-local or authoritative domains) to
the internal network and trusted Internet IP addresses only.
With all other solutions you may just delay or limit normal DNS server responses
Most D