[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Proactive Firewall - PF

To: misc@openbsd.org
Subject: Proactive Firewall - PF
From: Michael Dunne <mickydee@cairns.net.au>
Date: Wed, 19 Jun 2002 08:23:21 +1000

I would like to know if a particular Firewalling Daemon has been written.

Basicly its a daemon that listens to the pflog device and depending on 
certain rules, it automaticly adds a rule to PF to block them, such as port 
scanning.

For instance, if you run a ClassC network with a single mail server, a rule 
would be created logging access to port 25 on the ClassC except for the 
real mail server, and if there is attempted access to port 25 on anything 
other than the actual mail server, the daemon adds a block rule to packet 
filter without return-rst making a mini tarpit.

Thanks - Michael

Follow-Ups:
- Re: Proactive Firewall - PF
  - From: Dries Schellekens <gwyllion@ace.ulyssis.org>
- Re: Proactive Firewall - PF
  - From: Philipp Buehler <OpenBSD@fips.de>
- Re: Proactive Firewall - PF
  - From: Kamil Andrusz <wizz@mniam.net>
- Re: Proactive Firewall - PF
  - From: "Jyri Hovila" <jyri.hovila@iki.fi>
- Re: Proactive Firewall - PF
  - From: Jean-Yves Burlett <jean-yves@burlett.org>
- Re: Proactive Firewall - PF
  - From: Mike Shaw <mshaw@wwisp.com>
- Re: Proactive Firewall - PF
  - From: Henning Brauer <lists-openbsd@bsws.de>

Prev by Date: Re: PF Balancing
Next by Date: Re: Proactive Firewall - PF
Prev by thread: Re: Network Problem
Next by thread: Re: Proactive Firewall - PF
Index(es):
- Date
- Thread