can ipfw do this?
Kang Liu
liukang at bjpu.edu.cn
Wed Dec 10 02:46:17 PST 2003
> -----Original Message-----
> From: owner-freebsd-ipfw at freebsd.org
> [mailto:owner-freebsd-ipfw at freebsd.org] On Behalf Of victor
> Sent: Wednesday, December 10, 2003 5:53 PM
> To: freebsd-ipfw at freebsd.org
> Subject: can ipfw do this?
>
>
> Forgive me if this question has been asked before, I'm
> totoally new to
> ipfw. I'm looking forward to setup 'something' to limit the
> number of
> connection my smtp box would accept from a single IP address and I
> pictured firewall would be the most likely candidate.
>
use ipfw with dynamic rules can slove your problem.
e.g.
ipfw add allow tcp from any to any established
ipfw add allow tcp from some_where to my_server_ip server_some_ports limit src-addr num_of_connection_pre_ip setup
I suggest you use ipfw1 if it is a production server,
there might be some problems in ipfw2 when use dynamic rules.
Kang.
More information about the freebsd-ipfw
mailing list