Article:
  OpenBSD PF Developer Interview
Subject:   questions of the bridge
Date:   2004-06-22 11:46:45
From:   xiyang
Dear Sir:
i install the OpenBSD3.4 as the bridge firewall.below is the topology:


internet<----->OpenBSD_bridge_Firewall<----->hub/switch<------>webserver


now,there's a SYNFLOOD attack on my webserver.
what can i do on the OpenBSD bridge Firewall?
i know the synproxy of the OpenBSD,but,The SYN proxy will not work if PF is running on a bridge(4).
would you please give me hand?
thank you very much!


Main Topics Oldest First

Showing messages 1 through 1 of 1.

  • questions of the bridge
    2004-06-22 22:09:42  Federico Biancuzzi | O'Reilly AuthorO'Reilly Blogger [View]

    If you install 3.5 you could limit the number of states by src IP. I think this could work if they doesn't use random spoofed src IPs.