
Author Topic: Firewalld options to PFSENSE.. Any suggestions?  (Read 240 times)


itlinux
Firewalld options to PFSENSE.. Any suggestions?
« on: December 19, 2017, 07:48:52 pm »
I have these rules on my mail server. I wonder if there is a way to implement them on my firewall...

Thanks

<rule priority="1" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 -j REJECT --reject-with tcp-reset</rule>
<rule priority="2" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 7 -j REJECT --reject-with tcp-reset</rule>
<rule priority="3" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 200 --hitcount 15 -j REJECT --reject-with tcp-reset</rule>
<rule priority="4" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 2000 --hitcount 35 -j REJECT --reject-with tcp-reset</rule>
<rule priority="5" table="filter" ipv="ipv4" chain="INPUT_direct">-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 20000 --hitcount 120 -j REJECT --reject-with tcp-reset</rule>
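Added example, not part of the original post: a simplified Python model of the five window/hitcount tiers above, showing which tier first rejects a single source that opens SMTP connections at a steady rate. It assumes every new connection from the source is recorded in the recent list; the function names and the sample timings are constructed for illustration.

```python
import re
from bisect import bisect_left

# Rule arguments copied from the five direct rules in the post above.
RULES = """\
-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 -j REJECT --reject-with tcp-reset
-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 7 -j REJECT --reject-with tcp-reset
-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 200 --hitcount 15 -j REJECT --reject-with tcp-reset
-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 2000 --hitcount 35 -j REJECT --reject-with tcp-reset
-p tcp --dport 25 -m state --state NEW -m recent --update --seconds 20000 --hitcount 120 -j REJECT --reject-with tcp-reset
"""

def parse_tiers(text):
    """Return [(seconds, hitcount), ...] in rule (priority) order."""
    return [(int(s), int(h))
            for s, h in re.findall(r"--seconds (\d+) --hitcount (\d+)", text)]

def first_reject(times, tiers):
    """times: sorted connection timestamps (seconds) from one source.
    Assumed model: an attempt is rejected when at least `hitcount` earlier
    attempts fall inside the last `seconds`. Returns (attempt index, tier)
    for the first rejection, or None if no tier trips."""
    for i, now in enumerate(times):
        for seconds, hitcount in tiers:
            # Index of the oldest earlier attempt still inside the window.
            oldest = bisect_left(times, now - seconds, 0, i)
            if i - oldest >= hitcount:
                return i, (seconds, hitcount)
    return None

def steady(interval, count=200):
    """Constructed sample input: one connection every `interval` seconds."""
    return [n * interval for n in range(count)]

if __name__ == "__main__":
    tiers = parse_tiers(RULES)
    for interval in (5, 10, 60, 600):
        print(f"every {interval:>3}s ->", first_reject(steady(interval), tiers))
```

In this model the longest tier sets the sustained ceiling: a source connecting once a minute passes the first four tiers and is only stopped by the 20000-second window.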

leungda
Re: Firewalld options to PFSENSE.. Any suggestions?
« Reply #1 on: December 30, 2017, 10:58:46 am »
Install the Suricata package for IDS/IPS.