RE: Port scan detection in ipfw2

• Previous message: Paul Mather: "Re: Port scan detection in ipfw2"
• Maybe in reply to: Khoi Dinh: "Port scan detection in ipfw2"
• Next in thread: Paul Mather: "RE: Port scan detection in ipfw2"
• Reply: Paul Mather: "RE: Port scan detection in ipfw2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: 'Paul Mather' <paul@gromit.dlib.vt.edu>, khoi@oddworld.com
Date: Thu, 10 Jun 2004 08:46:37 -0400

From: Paul Mather [mailto:paul@gromit.dlib.vt.edu]
> On Thu, 2004-06-10 at 00:11, Khoi Dinh wrote:
>
> > Also, is ipfw2 able to allow/disallow traffic according to
> > time? ie. If I wanted to allow http traffic only from 9am
> to 1pm, can I do
> > this with ipfw? I've been looking all over the net looking
> for a solution
> > but haven't found one and was hoping that someone on the
> list could help me
> > out, even if the answer is "no, there are no such
> kernel-based features."
>
> I don't believe there are any "kernel-based features" to do the above,
> but a reasonable solution to that problem would be to use two cron
> jobs. One, run at 9am, would insert/remove rules using ipfw to allow
> HTTP traffic. The other, run at 1pm, would insert/remove rules using
> ipfw to deny HTTP traffic. You're probably already using
> cron to do log
> rotation via newsyslog, so leveraging that tool to rotate ipfw traffic
> policies shouldn't be beyond the pale...
>
> Cheers,
>
> Paul.

There was a patch to ipfw posted last year that gave time
to rules.

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

• Previous message: Paul Mather: "Re: Port scan detection in ipfw2"
• Maybe in reply to: Khoi Dinh: "Port scan detection in ipfw2"
• Next in thread: Paul Mather: "RE: Port scan detection in ipfw2"
• Reply: Paul Mather: "RE: Port scan detection in ipfw2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]