Date: Mon, 29 Oct 2001 15:31:41 -0800
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Peter Haight <peterh@sapros.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: ipfw dynamic entries I don't understand.
Message-ID: <20011029153140.A224@gohan.cjclark.org>
In-Reply-To: <200110282105.f9SL5ex95768@wartch.sapros.com>; from peterh@sapros.com on Sun, Oct 28, 2001 at 01:05:40PM -0800
References: <200110282105.f9SL5ex95768@wartch.sapros.com>

On Sun, Oct 28, 2001 at 01:05:40PM -0800, Peter Haight wrote:
>
> Someone was portscanning my machine the other day. I have an ipfw setup with
> some dynamic rules and the guy doing the portscanner managed to get some of
> his connections to start as a dynamic rule. I had thought I had it setup so
> that only tcp connections originating from the server would start a
> dynamic rule. I'm using a set of rules which I grew from the 'simple'
> firewall rules (with NAT). This eventually filled up the dynamic rule table
> so that I couldn't make any more connections. Is there some way to fix this?

There is really no way to see what is going on without the _complete_
firewall ruleset.

--
Crist J. Clark                           cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message