Quote:
Originally Posted by botman
unless you have a pretty expensive firewall
OpenBSD's packet filter can... and it's... (guess what?)... FREE!
</hype>
Back on topic, I'm not sure you can come up with anything useful here, Onno. As botman says, the best and only place to deal with this is the firewall config. Don't let it even send back ACK packets to SYN requests on those you want to deny; perhaps that'll help cut the traffic down, but I wouldn't bet big on it.
The biggest problem here is UDP, which is a sort of "connectionless" protocol, meaning that the 2 talking don't need to exchange their intentions before sending anything. If a machine wants to tell you something in UDP, it'll send you the whole burst of data, without asking whether you're ready or not to receive it and without even wondering whether you're up or not. Doing anything at the TCP (protocol) level is useless; what you need to do must happen at the IP level, and this can only be done by the firewall (or the OS kernel, if you're crazy enough).
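The difference between TCP's handshake and UDP's connectionless delivery described in the post above, as an added example that is not part of the original post. It uses only the loopback address and constructed payloads; the function names are hypothetical.

```python
import socket

LOOPBACK = "127.0.0.1"

def free_port(kind):
    """Bind to port 0 to learn an unused loopback port, then release it."""
    s = socket.socket(socket.AF_INET, kind)
    s.bind((LOOPBACK, 0))
    port = s.getsockname()[1]
    s.close()
    return port

def tcp_to_closed_port():
    """TCP must complete a handshake: with no listener, connect() fails."""
    port = free_port(socket.SOCK_STREAM)
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.settimeout(2)
    try:
        c.connect((LOOPBACK, port))
        return "connected"
    except ConnectionRefusedError:
        return "refused"
    finally:
        c.close()

def udp_to_closed_port(payload=b"x" * 512):
    """UDP has no handshake: sendto() reports success with nobody listening."""
    port = free_port(socket.SOCK_DGRAM)
    c = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        return c.sendto(payload, (LOOPBACK, port))  # bytes handed to the stack
    finally:
        c.close()

def udp_unsolicited(payload=b"burst"):
    """A bound UDP socket gets data from a peer it never exchanged anything with."""
    receiver = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    receiver.bind((LOOPBACK, 0))
    receiver.settimeout(2)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sender.sendto(payload, receiver.getsockname())
        data, _peer = receiver.recvfrom(2048)
        return data
    finally:
        sender.close()
        receiver.close()
```

The application only sees the datagram after the host has already received it, which is why the filtering has to happen in the firewall or kernel rather than in the program.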