Re: [fw-wiz] PIX Questions.
From: Dave Rinker (firewall@dsrtech.com)
Date: 03/18/03
- Previous message: Doug Sax: "RE: [fw-wiz] PIX Questions."
- In reply to: George J. Jahchan, Eng.: "[fw-wiz] PIX Questions."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Dave Rinker <firewall@dsrtech.com> To: Firewall Wizards <Firewall-Wizards@honor.icsalabs.com> Date: 17 Mar 2003 19:06:56 -0500
You can add to the end of your static command either the number of max
connections or the max number of half open connections. (max_conns or
emb_limit)
This is from all IPs, I know no way to restrict by the same IP. Link
provided below. You might want to look at the "timeout" command to deal
with the same IP request.
On Mon, 2003-03-17 at 13:49, George J. Jahchan, Eng. wrote:
> I need to limit the maximum number of simultaneous inbound connections to a
> server through a PIX 515 (6.22). I did not select it, but that is what I
> have to work with. Is it possible to limit the number of inbound connections
> it will allow as follows:
>
> Maximum number of simultaneous connections from all IP addresses to a
> host/port combo in DMZ.
>
> Maximum number of simultaneous connections from the same IP address to a
> host/port combo in DMZ.
>
> I know the Lucent Brick allows the first item and NetFilter/IPtables (with
> some P-O-M patches) allows both limitations. How about the PIX?
> TIA
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Doug Sax: "RE: [fw-wiz] PIX Questions."
- In reply to: George J. Jahchan, Eng.: "[fw-wiz] PIX Questions."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
