This is EXACTLY what I was looking for!

I am running 1.3.2 and a simple ICMP block from the examples 
works great and doesn't interfere with any of my running services.

Thanks a million!
Steve

-----Original Message-----
From:	Thilo Manske [SMTP:Thilo.Manske@HEH.Uni-Oldenburg.DE]
Sent:	Monday, December 21, 1998 2:53 PM
To:	port-i386@netbsd.org
Subject:	Re: Interface devices and security

In message <01BE2CED.1D1A0B70.stevep@mccue.com>
          Steve Paul <stevep@mccue.com> wrote:
> Is there some method or interface/kernal patch to make the 
> server reject oversized packets/icmp data?  Or maybe some
> listener program that shuts off these ports on detection of
> possible flood?

Maybe the "IP Filter" software that comes with NetBSD 1.3 is all you
need. 

Please see http://coombs.anu.edu.au/~avalon/ip-filter.html , ipf(5),
ipf(8), /usr/share/examples/ipf/* for more information about it.

Bye,
  Thilo.
-- 
Mir ist mein Signature entlaufen :-(. Wer es findet, sende es bitte an
Thilo.Manske@HEH.Uni-Oldenburg.DE zuruck. Danke!