Hi,
Are you already using your DNS server's response rate limiting features?
Not yet, as I still believe I should stop as much as possible such traffic at
the firewall before it even reaches the network behind my firewall. So at the
software/daemon/service level it would be my last line of de
On 2023/07/19 19:54, mabi wrote:
> --- Original Message ---
> On Wednesday, July 19th, 2023 at 9:32 PM, Stuart Henderson
> wrote:
>
> > If PF is struggling as it is, there's a good chance it will buckle
> > completely if it has to do source tracking too
>
> That is also something I thou
--- Original Message ---
On Wednesday, July 19th, 2023 at 9:32 PM, Stuart Henderson
wrote:
> If PF is struggling as it is, there's a good chance it will buckle
> completely if it has to do source tracking too
That is also something I thought might be the case :|
> Did you already tweak
Dear Mr. Nick,
That must be the passage.
I'm surprised it is so tame.
I recall it being much more arrogant.
Perhaps what changed is that I became more arrogant.
With many thanks, please allow me the expression
of my distinguish sentiments.
Ibsen
On 2023/07/19 19:13, mabi wrote:
> --- Original Message ---
> On Wednesday, July 19th, 2023 at 12:40 PM, Stuart Henderson
> wrote:
>
> > I don't think you understood what I wrote then - they are the
> > opposite of helpful here.
>
> No, I do understand what you wrote but I should have e
--- Original Message ---
On Wednesday, July 19th, 2023 at 12:40 PM, Stuart Henderson
wrote:
> I don't think you understood what I wrote then - they are the
> opposite of helpful here.
No, I do understand what you wrote but I should have explained my case in more
details. Behind my Open
On Tue, Jul 18, 2023 at 5:42 PM Morgan Aldridge
wrote:
>
> On On 2023-07-18, Stuart Henderson wrote:
> > On 2023-07-18, Morgan Aldridge wrote:
> > > I'm maintaining an OpenBSD X11 window manager (WM) port, but try to
> > > keep my primary workstation on -stable, so do most of my development
> >
On Wed, Jul 19, 2023 at 11:36:55AM +0900, lain. wrote:
> 90% of the developers make bad code, yes.
> Either because of their lack of experience, their choice of tools, or
> because of requirements set by managers who just follow the latest
> trends without having any knowledge of programming themse
On 19/07/2023 13:31, Stuart Henderson wrote:
> On 2023-07-19, Kapetanakis Giannis wrote:
>> Maybe even better, can it run under relayd (redirect) on top of carp?
> That's just rdr-to behind the scenes, no problem with that, though if
> you want to do per IP rate limiting alongside load-balancing
On 2023-07-19, mabi wrote:
> --- Original Message ---
> On Tuesday, July 18th, 2023 at 10:59 PM, Stuart Henderson
> wrote:
>
>
>> PF's state-tracking options are only for TCP. (Blocking an IP
>> based on number of connections from easily spoofed UDP is a good
>> way to let third parties
On 2023-07-19, Kapetanakis Giannis wrote:
> On 18/07/2023 23:59, Stuart Henderson wrote:
>> PF's state-tracking options are only for TCP. (Blocking an IP
>> based on number of connections from easily spoofed UDP is a good
>> way to let third parties prevent your machine from communicating
>> with
--- Original Message ---
On Tuesday, July 18th, 2023 at 10:59 PM, Stuart Henderson
wrote:
> PF's state-tracking options are only for TCP. (Blocking an IP
> based on number of connections from easily spoofed UDP is a good
> way to let third parties prevent your machine from communicating
On 18/07/2023 23:59, Stuart Henderson wrote:
> PF's state-tracking options are only for TCP. (Blocking an IP
> based on number of connections from easily spoofed UDP is a good
> way to let third parties prevent your machine from communicating
> with IPs that may well get in the way i.e. trigger a "
13 matches
Mail list logo
