Firewalld options to PFSENSE.. Any suggestions?



  • I have those rules on my mail server. I wonder if there is a way to implement them on my firewall…

    Thanks

    <rule priority="1" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 -j REJECT --reject-with tcp-reset</rule>
    <rule priority="2" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 7 -j REJECT --reject-with tcp-reset</rule>
    <rule priority="3" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 200 --hitcount 15 -j REJECT --reject-with tcp-reset</rule>
    <rule priority="4" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 2000 --hitcount 35 -j REJECT --reject-with tcp-reset</rule>
    <rule priority="5" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 20000 --hitcount 120 -j REJECT --reject-with tcp-reset</rule>



  • Install the Suricata package for IDS/IPS.

