| Article: | OpenBSD PF Developer Interview |
| Subject: | questions of the bridge |
| Date: | 2004-06-22 23:15:11 |
| From: | xiyang |

Response to: questions of the bridge

Two problems:

1) It is random(); the method that limits the number of states by src IP may not be effective.

2) I have used the function in FreeBSD 4.10, but the attacker could stuff your stack (net.inet.ip.fw.dyn_count) immediately, and syslogd reports "too many dyn rules..", so you must increase net.inet.ip.fw.dyn_max, like this: sysctl -w net.inet.ip.fw.dyn_max=32768
