|
IPFW Firewall pppd based
Hello to all.
My question is: I have freebsd server with 2 network cards, i use it for nat and i would like to know how module DUMMYNET can be helpful in filtering imcp "smurf". Does omeone know how to limit icmp smurf but allow normal ping to my host? :confused: |
Type sysctl -a | grep icmp to see all kernel variables related to ICMP. You have icmplim which limit the number of ICMP packets by second and log_redirect, drop_redirect ...
In the same way, look in the kernel configuration file (in /usr/src/sys/i386/conf), you'll find ICMP options. In IPFW, you'll only find parameters to drop or not ICMP packets. I think DUMMYNET is only for TCP not for ICMP. Hope it helps |
Tnx :)
|
| All times are GMT -5. The time now is 10:55 AM. |