Firewalld options to pfSense... Any suggestions?
-
I have those rules on my mail server. I wonder if there is a way to implement them on my firewall…
Thanks
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 -j REJECT --reject-with tcp-reset</rule>
<rule priority="2" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 7 -j REJECT --reject-with tcp-reset</rule>
<rule priority="3" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 200 --hitcount 15 -j REJECT --reject-with tcp-reset</rule>
<rule priority="4" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 2000 --hitcount 35 -j REJECT --reject-with tcp-reset</rule>
<rule priority="5" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 20000 --hitcount 120 -j REJECT --reject-with tcp-reset</rule>
-
Install the Suricata package for IDS/IPS.