PF ve FBSD blokovani na zaklade pocitani

Milos Vyletel milos.vyletel at gmail.com
Wed May 14 20:13:20 CEST 2014

Previous message: PF ve FBSD blokovani na zaklade pocitani
Next message: PF ve FBSD blokovani na zaklade pocitani
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cau,

mozno mi nieco unika ale nie je nahodou

http://www.openbsd.org/faq/pf/filter.html#udpstate

to co potrebujes? Example priklad specificky spomina rate limit pre udp spojenia

An example:

table <abusive_hosts> persist
block in quick from <abusive_hosts>

pass in on $ext_if proto tcp to $web_server \
    port www flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_hosts> flush)

This does the following:

Limits the maximum number of connections per source to 100
Rate limits the number of connections to 15 in a 5 second span
Puts the IP address of any host that breaks these limits into the
<abusive_hosts> table
For any offending IP addresses, flush any states created by this rule.

Milos


2014-05-14 14:03 GMT-04:00 Radek Krejča <radek.krejca at starnet.cz>:
> Ahoj,
>
> mam posledni dobou problem, ze mi utoci na me dns servery. Pouzivam jako firewall pf, ale potreboval bych, zda lze v nem udelat pravidlo, ktery zni nasledovne:
>
> pokud je pocet paketu odpovidajici pravidlu za urcitou dobu roven urcitemu poctu, potom block
>
> Nejakou dobu nazad jsem videl v linuxu neco takoveho, tusim, ze to byl modul recent, nebo tak nejak.
>
> Ja mam obavu, ze pf to nativne asi umet nebude, jednak jsem nic moc v manualu, co by se tomu blizilo nenasel a jednak hodne veci se resi externimi nastroji, ale radeji se predem zeptam.
>
> Diky
> Radek
>
> --
> FreeBSD mailing list (users-l at freebsd.cz)
> http://www.freebsd.cz/listserv/listinfo/users-l

Previous message: PF ve FBSD blokovani na zaklade pocitani
Next message: PF ve FBSD blokovani na zaklade pocitani
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list