Can ipfw be used to limit concurrent requests from an IP?

Shane Ambler FreeBSD at ShaneWare.Biz
Sun May 29 13:25:27 UTC 2016


On 28/05/2016 05:04, Will Squire wrote:
> Can ipfw limit the number of requests in a given amount of time from a
> specific IP?
>
> To contextualise, if an IP sends requests in high concurrency (let's
> say 50 a second) can ipfw either block requests that exceed a
> threshold for that second (let's say the threshold is 20, 30 would be
> blocked), or ban/deny the given IP for exceeding a threshold?
>
> The aim is to lessen strain under DoS attacks, specifically for HTTP.
> The system is using Apache and mod_evasive has been added and tested,
> but it is not functioning correctly.
>
> (P.S. The freebsd-ipfw list seems to be for development of the
> technology only, so asking this here. Please let me know if this
> isn’t the case)

You might want to look at sshguard

http://www.freshports.org/security/sshguard-ipfw/

http://www.sshguard.net/

-- 
FreeBSD - the place to B...Software Developing

Shane Ambler


More information about the freebsd-questions mailing list