||OpenBSD PF Developer Interview|
|Subject:||questions of the bridge|
Response to: questions of the bridge
1)it is random(),the method that limit the number of states by src IP maybe not effective.
2)i had use the function in the freebsd 4.10,but,the attacker could stuff your stack(net.inet.ip.fw.dyn_count) immediately,the syslogd report that "too many dyn rules..",so,you must add the num of net.inet.ip.fw.dyn_max, do like:
sysctl -w net.inet.ip.fw.dyn_max=32768
Hear us Roar