rate limit with pf instead of IPFW
Jon Simola
jsimola at gmail.com
Thu Nov 23 18:59:23 UTC 2006
On 11/23/06, John Smith <almarrie at gmail.com> wrote:
> Greetings BPF gurus!
PF? bpf is different and has little to do with firewalling.
> Could someone please give me full example to setup
> limit {src-addr | src-port | dst-addr | dst-port} to do what IPFW
> 01000 allow tcp from any to me setup limit src-addr 5 currently does
I use something like this:
pass in on $ext_if proto tcp from any to $ext_if port smtp flags S/SA
keep state (source-track rule, mac-src-states 5)
--
Jon
More information about the freebsd-pf
mailing list