Re: connection limit with ipfw
From: Ed Stover (estover_at_nativenerds.com)
Date: 01/10/05
- Previous message: Jacques A. Vidrine: "Re: update for 4.11 Security Officer-supported branches"
- In reply to: Carl Mark: "connection limit with ipfw"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: freebsd-security@freebsd.org Date: Mon, 10 Jan 2005 07:58:58 -0700
Try posting this to freebsd-ipfw@freebsd.org that might be a little more
responsive toward the question.
On Mon, 2005-01-10 at 12:32 +0000, Carl Mark wrote:
> Hello folks,
>
> I'm trying to set up a ruleset that limits every user to X tcp
> connections, since I have 300 active users on each server. I've been trying
> to work it out with the ipfw limit but I really don't know how effective it
> is.
>
> For example:
>
> ipfw -q add 15 allow tcp from me to any 80 limit dst-port X keep-state out
> setup
>
>
> Will this limit the whole machine to X connections that match the rule? I
> wanted to build somehting that would limit every user to X conns without
> having one rule for each user using the "uid" directive.
>
> Thanks for your precious help.
> Regards,
> Carl
>
> _________________________________________________________________
> It's fast, it's easy and it's free. Get MSN Messenger today!
> http://www.msn.co.uk/messenger
>
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Jacques A. Vidrine: "Re: update for 4.11 Security Officer-supported branches"
- In reply to: Carl Mark: "connection limit with ipfw"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
