Topic: Feature "port scan detection with automatic blackholing"  (Read 2418 times)
« on: November 14, 2007, 09:38:47 »
biffen *
Posts: 1

First: Thank you for this amazing software! Keep up the good work.

My biggest excitement with the 1.3b development and its wishlist is the following:
"port scan detection with automatic blackholing"

What's the status on this? When will we see this in m0n0wall?
« Reply #1 on: November 26, 2007, 14:13:48 »
TI *
Posts: 37

What if you launch a spoofed scan with your DNS as source IP?
You'll blacklist your DNS?

This feature looks dangerous to me.
« Reply #2 on: December 01, 2007, 20:02:44 »
cmb *****
Posts: 851

It can be dangerous, depending on how it's done. The best way to do this is to integrate into some external monitoring system like OSSEC with active response.

More importantly, while it may sound like a good idea, it's pointless. Anybody that scans you from one IP and then launches further attacks from the same IP is a clueless script kiddie, and if you're vulnerable to something a clueless script kiddie is throwing at you, you're going to get compromised by someone with a clue who won't trigger this.
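
Added example, not part of the original thread and not m0n0wall or OSSEC code: a small scan detector run over constructed events, showing the spoofed-source problem raised in reply #1 and a never-block list checked before any blackhole decision. The addresses, thresholds and the `decide_blocks` name are assumptions, and the list only protects the addresses placed on it.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample events: (epoch seconds, source IP, destination port).
EVENTS = (
    # Fast sweep from one outside address.
    [(100 + i, "198.51.100.7", p) for i, p in enumerate([21, 22, 23, 25, 80, 110])]
    # Same pattern, but the source field carries the site's DNS resolver
    # address (assumed here to be 192.0.2.53), as a spoofed scan would.
    + [(200 + i, "192.0.2.53", p) for i, p in enumerate([135, 139, 445, 1433, 3389])]
    # Slow source: five ports, one per minute, never inside one window.
    + [(300 + 60 * i, "203.0.113.9", p) for i, p in enumerate([22, 80, 443, 8080, 8443])]
)

NEVER_BLOCK = [ip_network("192.0.2.53/32")]  # assumed: resolvers, gateways, admin hosts
WINDOW = 10      # seconds (assumed)
THRESHOLD = 5    # distinct ports inside the window (assumed)


def decide_blocks(events, never_block=NEVER_BLOCK, window=WINDOW, threshold=THRESHOLD):
    """Return (blocked, suppressed) sets of source IPs.

    blocked:    sources that crossed the threshold and may be blackholed.
    suppressed: sources that crossed it but are on the never-block list,
                so the event is reported instead of acted on.
    """
    recent = defaultdict(list)  # source -> [(timestamp, port)] inside the window
    blocked, suppressed = set(), set()
    for ts, src, port in sorted(events):
        hits = recent[src]
        hits.append((ts, port))
        # Sliding window: drop probes older than `window` seconds.
        hits[:] = [(t, p) for t, p in hits if ts - t <= window]
        if len({p for _, p in hits}) < threshold:
            continue
        # The source address of an unanswered probe is unauthenticated,
        # so check the never-block list before any automatic response.
        if any(ip_address(src) in net for net in never_block):
            suppressed.add(src)
        else:
            blocked.add(src)
    return blocked, suppressed


if __name__ == "__main__":
    print(decide_blocks(EVENTS))
```
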
 