This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
ipfw [2010/08/26 02:21] k2patel |
ipfw [2020/08/10 02:35] (current) |
||
---|---|---|---|
Line 17: | Line 17: | ||
</code> | </code> | ||
NOTE : sysctl net.link.ether.bridge_ipfw=1 (this value enable the snort) | NOTE : sysctl net.link.ether.bridge_ipfw=1 (this value enable the snort) | ||
- | |||
==== Common Attack Prevention ==== | ==== Common Attack Prevention ==== | ||
Line 46: | Line 45: | ||
**#deny fragments as bogus packets** | **#deny fragments as bogus packets** | ||
<code bash> | <code bash> | ||
- | ipfw add 00017 deny log all from any to any frag in via | + | ipfw add 00017 deny log all from any to any frag in via em0 |
</code> | </code> |