Date: Thu, 04 Aug 2005 14:41:13 -0700
From: "Giovanni P. Tirloni" <gpt@tirloni.org>
To: BB <brent.bolin@gmail.com>
Cc: pf@freebsd.org
Subject: Re: Can pf dynamicly close connections
Message-ID: <42F28B79.1030202@tirloni.org>
In-Reply-To: <787dcac2050803142433b8d084@mail.gmail.com>
References: <787dcac2050803142433b8d084@mail.gmail.com>

BB wrote:
> If a host is sending packets on ports that aren't even open can it
> temporarily close all connections to this host.

I don't think this is a task pf itself should do, but you can implement something to monitor connection attempts on closed ports and then inspect pf's state table (pfctl -s state) and remove it (pfctl -k).

Do you want something like PortSentry? Someone could spoof those attempts and create a DoS on something you don't want to block.

--
Giovanni P. Tirloni
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42F28B79.1030202>
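
Added example (not part of the original message or of pf itself): a dry-run sketch of the monitoring approach the reply describes. It counts distinct closed ports probed per source and prints the `pfctl -k` calls it would make, skipping an allowlist because probe sources can be spoofed. The `SRC_IP DST_PORT` input format, the threshold, the allowlist addresses and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: plan (do not execute) pfctl -k calls for hosts probing closed ports.
# Assumed input on stdin: one "SRC_IP DST_PORT" pair per blocked attempt,
# already extracted from your own logs (this format is hypothetical).

THRESHOLD=3                       # distinct closed ports before acting (assumed)
ALLOWLIST="192.0.2.1 192.0.2.53"  # hosts never to cut off, e.g. gateway, DNS (constructed)

# plan_kills: prints one "pfctl -k <ip>" line per offending, non-allowlisted source.
plan_kills() {
    awk -v threshold="$THRESHOLD" -v allow="$ALLOWLIST" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        # accept only well-formed IPv4 + numeric port; ignore everything else
        $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || $2 !~ /^[0-9]+$/ { next }
        # count each (source, port) pair once so retries do not inflate the score
        !(($1, $2) in seen) { seen[$1, $2] = 1; ports[$1]++ }
        END {
            for (ip in ports)
                if (ports[ip] >= threshold && !(ip in skip))
                    print "pfctl -k " ip
        }' | sort
}

# Constructed sample: 198.51.100.7 probes four distinct ports; 192.0.2.53 is
# allowlisted, since its address could be forged to make us cut off DNS.
sample_attempts() {
    cat <<'EOF'
198.51.100.7 23
198.51.100.7 135
198.51.100.7 445
198.51.100.7 445
198.51.100.7 3389
192.0.2.53 23
192.0.2.53 135
192.0.2.53 445
203.0.113.9 8080
EOF
}

sample_attempts | plan_kills
```

Review the printed commands against `pfctl -s state` before running any of them as root.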