hi,
thanks for the information, it works great!!
I've got another question related to this... how does ipfw actually
count the number of ip addresses? I mean... let's say i set up the
firewall to only accept 50 connections. ? does it count 50 connexions
per second? 50 during a minute? or what?
thanks.
En/na Nikola Stojanoski ha escrit:
you can use limit for that. here is the part about limit in ipfw manual:
limit {src-addr | src-port | dst-addr | dst-port} N
The firewall will only allow N connections with the same
set of
parameters as specified in the rule. One or more of
source and
destination addresses and ports can be specified.
so a simple way to limit max connections per ip is:
ipfw add allow ip from any to any limit src-addr 100
this way you will limiit yourself also with 100 connections per ip,
but you can play around with recv, xmit, via and other settings to fit
your needs
Regards
----- Original Message ----- From: "Jordi Moles" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, February 26, 2007 10:36 AM
Subject: ipfw along with netstat
hi,
I've done a lot of research about that but found anything like i
need. I'm running an ipfw firewall on a FreeBSD 6.1 and i wonder if
ipfw can add rules automatically when it detects, for example, that
an ip address has 100 connections open in the server. I'm doing a
similar thing with a perl script and netstat. The script counts how
many connections an ip address opened and it automatically adds a new
rule to the firewall, but I'm looking for a way in which ipfw does
that on its own.
thank you.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
