rate limit syn

Gardner Bell gbell72 at rogers.com
Thu Sep 25 20:25:35 UTC 2008

Previous message: [IPFW add ARP support] - Request for testing
Next message: bin/127707: ipfw(8): ipfw add 10 count ip from any to 172.16.0.1, me does not work
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Just a quick question:  Does ipfw or dummynet have an option to rate limit the amount of syn packets sent to the same destination address, and port number in say 10 second period?  Or is net.inet.tcp_syncookies enough protection in the case of a syn flood.

Gardner Bell

Previous message: [IPFW add ARP support] - Request for testing
Next message: bin/127707: ipfw(8): ipfw add 10 count ip from any to 172.16.0.1, me does not work
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-ipfw mailing list