Software Design '07/1 号を 技術評論社 さんから献本いただいて読んでいて、PHREL なるツールを知りました。

 PHREL is a Per Host RatE Limiter written in C to efficiently track the rate of incoming traffic
on a per host basis and insert a chain into iptables when a configured threshold is crossed.
The inserted chain may either rate limit or completely block the offending host for a period
of time and will be automatically removed when the offending host's traffic levels return to normal.
PHREL can be used with any type of traffic, but it is particularly well suited to protecting name servers
from random hosts that flood DNS requests and preventing SSH brute force login attempts.

ふむふむ、Linux 版の pf ってトコですかね？ うまく使って DoS から身を守りましょう :)。