On 11/23/06, John Smith <[EMAIL PROTECTED]> wrote:
> > Could someone please give me full example to setup
> > limit {src-addr | src-port | dst-addr | dst-port} to do what IPFW
> > 01000 allow tcp from any to me setup limit src-addr 5 currently does
Could you please post your pf.conf with the rules so I can use it as a guide?
A complete and working pf.conf that limits all inbound tcp connections
to 5 per source ip address would be:
pass in proto tcp all flags S/SA keep state (source-track rule,
max-src-states 5)
Yes, just that one line. Obviously you need some more rules around
that, and the PF User's Guide at
http://www.openbsd.org/faq/pf/index.html will do a far better job of
explaining it than I could in a short email.
--
Jon
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
