Can ipfw be used to limit concurrent requests from an IP?

Shane Ambler FreeBSD at ShaneWare.Biz
Sun May 29 13:25:27 UTC 2016

On 28/05/2016 05:04, Will Squire wrote:
> Can ipfw limit the number requests in a given amount of time from a
> specific IP?
> To contextualise, if an IP sends requests in high concurrency (let's
> say 50 a second) can ipfw either block requests the exceed a
> threshold for that second (lets say the threshold is 20, 30 would be
> blocked), or ban/deny the given IP for exceeding a threshold?
> The aim is to lessen strain under DoS attacks, specifically for HTTP.
> The system is using Apache and mod_evasive has been added and tested,
> but it is not functioning correctly.
> (P.S. The freebsd-ipfw list seems to be for development of the
> technology only, so asking this here. Please let me know if this
> isn’t the case)

You might want to look at sshguard

FreeBSD - the place to B...Software Developing

Shane Ambler

More information about the freebsd-questions mailing list