Hi,

I'm just wondering if there is a way to rate limit ICMP echo requests,
i.e. pings.

I tried the following rule, but it errors out with "syntax error":

pass in quick on em1 inet proto icmp from 192.168.0.23  to 192.168.1.2
icmp-type  echoreq (max-src-conn-rate 1/2, overload <abusive_hosts> flush)

I'm trying to avoid even standard pings and especially "ping -f".

Additionally, I was wondering if there would be a way to block ICMP
that's over a certain size ("ping -s").


Thanks in advance!!!
