On 2/27/06, Morten Larsen <[EMAIL PROTECTED]> wrote:
> rdr pass on $ext_if proto tcp from any to ($ext_if) port {135:139, 445}
> -> 127.0.0.1 $tarpit_port
>
> pass in on lo0 proto tcp from any to 127.0.0.1 \
> port {135:139, 445} flags S/SA synproxy state \
> (max-src-conn 0, max-src-conn-rate 0/1,
Travis H. wrote:
> On 2/27/06, Morten Larsen <[EMAIL PROTECTED]> wrote:
>> rdr pass on $ext_if proto tcp from any to ($ext_if) port {135:139, 445}
>> -> 127.0.0.1 $tarpit_port
>>
>> pass in on lo0 proto tcp from any to 127.0.0.1 \
>> port {135:139, 445} flags S/SA synproxy state \
>> (max-src-conn
Daniel Hartmeier wrote:
> On Mon, Feb 27, 2006 at 10:21:22AM -0500, Chris Smith wrote:
>
>> On Saturday 25 February 2006 19:34, Morten Larsen wrote:
>>> It would be nice if you cold do something like:
>>>
>>> block in on $ext_if proto {tcp, udp} from any to any port 135:139
>>> overload flush glo
On Mon, Feb 27, 2006 at 10:21:22AM -0500, Chris Smith wrote:
> On Saturday 25 February 2006 19:34, Morten Larsen wrote:
> > It would be nice if you cold do something like:
> >
> > block in on $ext_if proto {tcp, udp} from any to any port 135:139
> > overload flush global
>
> That would sure clea
On Saturday 25 February 2006 19:34, Morten Larsen wrote:
> It would be nice if you cold do something like:
>
> block in on $ext_if proto {tcp, udp} from any to any port 135:139
> overload flush global
That would sure clean up the Internet! Quite funny.
But it would really be nice to load a table
It would be nice if you cold do something like:
block in on $ext_if proto {tcp, udp} from any to any port 135:139
overload flush global
Michiel van Baak wrote:
> On 14:48, Wed 22 Feb 06, Chris Smith wrote:
>> In addition to preventing infected PC's from using their own SMTP engine
>> to send ou
On 14:48, Wed 22 Feb 06, Chris Smith wrote:
> In addition to preventing infected PC's from using their own SMTP engine
> to send out spam by blocking port 25 from all but the mail server. I
> would also like to add those hosts automatically to a table in order to
> block their access altogether
In addition to preventing infected PC's from using their own SMTP engine
to send out spam by blocking port 25 from all but the mail server. I
would also like to add those hosts automatically to a table in order to
block their access altogether so that the infected PC's cannot attempt
other dama