[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf compatibility w/ other unix OS

To: misc@openbsd.org
Subject: Re: pf compatibility w/ other unix OS
From: dreamwvr <dreamwvr@dreamwvr.com>
Date: Mon, 3 Jun 2002 09:44:56 -0600
Content-Disposition: inline
References: <MKEKKOHGOGCHFLOFDGPNAEGKCBAA.dedonckers@pandora.be> <20020603092836.GB7711@c9x.org>

On Mon, Jun 03, 2002 at 11:28:14AM +0200, Jedi/Sector One wrote:
> On Mon, Jun 03, 2002 at 11:07:48AM +0200, Steve wrote:
> > dude, you must have been on mars.. it's been around for quite some time now
> > check altqd(8) or http://www.muine.org/~hoang/openpf.html
> 
>   What I mean with rate limitation is to disallow the same <source ip>/
> <dest ip+port> pair to match 100 times a second.
> 
Jedi,
    Your correct and it is extremely trivial for this to occur. I am 
assuming you are using apache therefore see mod_backhand for load 
balancing for example. There is a better way which IIR i will send.
Hope that helps a little. 

Best Regards,
dreamwvr@dreamwvr.com


-- 
/*  Security is a work in progress - dreamwvr                 */
#                                                             
# Note: To begin Journey type man afterboot,man help,man hier[.]      
#                                                             
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \?  ;-]

References:
- Re: pf compatibility w/ other unix OS
  - From: "Steve" <dedonckers@pandora.be>
- Re: pf compatibility w/ other unix OS
  - From: Jedi/Sector One <j@pureftpd.org>

Prev by Date: Re: no console after killing XFree
Next by Date: Re: HOWTO - Choose SUN hardware to replace PC/Intel hardware
Prev by thread: Re: pf compatibility w/ other unix OS
Next by thread: Re: pf compatibility w/ other unix OS
Index(es):
- Date
- Thread