How can I slow down port scans and DMZ scans?
The rate at which CDRouter performs port scans in the firewall.tcl and dmz.tcl modules can be controlled using the portScanDelay testvar. This testvar defines the delay, in milliseconds, between the sending of each scan packet. It defaults to 1 millisecond.
In some situations you may want to slow down the port scan procedure to verify that packets are not getting dropped by the router before they can be forwarded to virtual services, DMZ hosts, etc. For example, to delay each scan packet by 10 milliseconds, configure the testvar portScanDelay as follows:
testvar portScanDelay 10