hey
,
i need some information regarding firewalls...
i need a firewall that can blacklist certain hosts if:
- the host sends
more than 5 SYN packets in 5 seconds
OR
- the host
sends some packet containing some string i define... using iptables string matching support(?)
some information/links will do just fine :P (or if you have some time maybe some iptables rules/scripts...etc.)
ps: some firewall distro will do just fine
Thanks in advance, and sorry about my noobish thread..
LE: I think that can be done using apf? hmmm ...