Honeypots mailing list archives
Re: Openbsd firewall
From: "Travis Boucher" <tbone () tbone ca>
Date: Thu, 29 Jul 2004 22:33:34 -0700
I don't see why you couldn't limit it below 5.6Kb. If you are running multiple honeypots, I'd suggest setting up a single queue with the total bandwidth you'll allow to all of the honeypots (20Kb for example), then use sub-queues for each target machine, e.g. (/etc/pf.conf):

# Start
hp_if="fxp2"
hpa="192.168.0.1"
hpb="192.168.0.2"
hpc="192.168.0.3"

# Parent queue: total bandwidth shared by all honeypots
altq on $hp_if cbq bandwidth 20Kb queue { hp_nomatch, qhpa, qhpb, qhpc }

# cbq needs exactly one default queue; traffic matching no rule lands here
queue hp_nomatch bandwidth 1% cbq(default)
# One sub-queue per honeypot
queue qhpa bandwidth 5%
queue qhpb bandwidth 5%
queue qhpc bandwidth 5%

# Assign traffic for each honeypot to its own queue
pass in from any to $hpa queue qhpa
pass in from any to $hpb queue qhpb
pass in from any to $hpc queue qhpc
# End

That should effectively limit each honeypot to 1Kbps. This is assuming you are using pf and altq for bandwidth limiting. You could also use some userspace tools capable of bandwidth throttling (openvpn comes to mind).

On Thu, 29 Jul 2004 15:55:17 -0500, joe smith wrote:
> I'm currently testing an openbsd gateway/firewall for my honeypot setup. I'm limiting the amount of bandwidth for each honey pot. Does anyone know why I can not set it below 5.6 kilobits?
>
> Thanks
> J