Date:      Sun, 5 Oct 2008 12:53:03 -0500 (CDT)
From:      Scott Bennett <bennett@cs.niu.edu>
To:        freebsd-questions@freebsd.org
Subject:   pf vs. RST attack question
Message-ID:  <200810051753.m95Hr3N5014872@mp.cs.niu.edu>

     I'm getting a lot of messages like this:

Oct  4 14:30:00 hellas kernel: Limiting closed port RST response from 250 to 200 packets/sec

Is there some rule I can insert into /etc/pf.conf to reject these apparently
invalid RST packets before they can bother TCP?  At the same time, I do not
want to reject legitimate RST packets.
     Thanks in advance for any clues!


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************


