Can ipfw be used to limit concurrent requests from an IP?
will_squire at hotmail.co.uk
Fri May 27 19:36:07 UTC 2016
Can ipfw limit the number requests in a given amount of time from a specific IP?
To contextualise, if an IP sends requests in high concurrency (let's say 50 a second) can ipfw either block requests the exceed a threshold for that second (lets say the threshold is 20, 30 would be blocked), or ban/deny the given IP for exceeding a threshold?
The aim is to lessen strain under DoS attacks, specifically for HTTP. The system is using Apache and mod_evasive has been added and tested, but it is not functioning correctly.
(P.S. The freebsd-ipfw list seems to be for development of the technology only, so asking this here. Please let me know if this isn’t the case)
More information about the freebsd-questions