ISD 820 Knowledge Base

User Tools

Site Tools

You are here: start » freebsd » pf_attack_mitigation
freebsd:pf_attack_mitigation

This is an old revision of the document!

Packet Filter Attack Mitigation

table <abusive_hosts> persist
block in quick from <abusive_hosts>

pass in on $ext_if proto tcp to $web_server port www flags S/SA keep state (max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_hosts> flush)
freebsd/pf_attack_mitigation.1415634534.txt.gz · Last modified: 2014/11/10 09:48 by tschulz

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki