Date: Mon, 15 Apr 2002 17:38:47 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: The Anarcat <anarcat@anarcat.dyndns.org> Cc: Andrew Johns <johnsa@kpi.com.au>, Christoph Kukulies <kuku@gilberto.physik.rwth-aachen.de>, freebsd-security@FreeBSD.ORG Subject: Re: General Rate-limiting in syslog(3) (was: Limiting closed port RST response from 381 to 200 p) Message-ID: <14502.1018885127@axl.seasidesoftware.co.za> In-Reply-To: Your message of "Mon, 15 Apr 2002 11:24:35 -0400." <20020415152435.GB302@lenny.anarcat.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 15 Apr 2002 11:24:35 -0400, The Anarcat wrote: > I think it therefore belongs to ipfw to do this kind of rate-limiting, > and on a per-rule base, it would be fantastic. > > I guess I'll need to take another look at ipfw's source, again. :) Well, the messages that this thread revolve around are generated by the kernel's ICMP code, not by IPFW. But if you were to take an interest in improving ipfw's logging, you might want to look at how IPFilter handles logging. In my opinion, IPFilter's logging system is a great step forward from IPFW's. Each message I post on this thread feels more and more off-topic. I think this'll be my last. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14502.1018885127>