On Thu, 2006-08-24 at 12:30 -0400, Daniel Ouellet wrote:
> I am now up to 11,149 simultaneous sources for the last 22 hours.
>
> Someone is having fun at my expense.
>
> But still holding on remarkably well!
sounds like it is time to deploy some PF hackery...
table <bad_hosts> persist
block in quick on $ext_if inet from <bad_hosts>
pass in on $ext_if proto tcp from any to any port 80 \
flags S/SA synproxy state (max-src-conn 100, \
max-src-conn-rate 15/5, \
overload <bad_hosts> flush)
later.
ryanc
--
Ryan Corder <[EMAIL PROTECTED]>
Systems Engineer, NovaSys Health LLC.
501-219-4444 ext. 646
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
