Date:      Sun, 5 Jun 2005 20:36:11 +0200
From:      Riccardo Giuntoli <taglio@gmail.com>
To:        Giorgos Keramidas <keramida@freebsd.org>
Cc:        freebsd-stable@freebsd.org, freebsd-questions@freebsd.org, freebsd-pf@freebsd.org
Subject:   Re: limit number of tcp connection for a GID
Message-ID:  <31fbaca905060511367d24e3ec@mail.gmail.com>
In-Reply-To: <20050605181315.GE16327@gothmog.gr>
References:  <31fbaca905060510563c64eb49@mail.gmail.com> <20050605181315.GE16327@gothmog.gr>


On 6/5/05, Giorgos Keramidas <keramida@freebsd.org> wrote:
...
> I'm not sure if pf does this already.  Even if it doesn't though,
> it may be possible to write a transparent proxy that limits the
> connections per uid/gid.  The support for transparent proxies in
> pf is awesome :-)

I've found this in the pf.conf(5) manpage:

STATEFUL TRACKING OPTIONS
     All three of keep state, modulate state and synproxy state support the
     following options:

     max _number_
           Limits the number of concurrent states the rule may create.  When
           this limit is reached, further packets matching the rule that would
           create state are dropped, until existing states time out.

Thank you, Giorgos
Bye
-- 
Name: Riccardo Giuntoli
Email: taglio@gmail.com
Homepage: http://www.luxoro.org/
Location: Genova, Italy
6BONE Handle: RG581-6BONE
PGP Key: 0x67123739
PGP Fingerprint: CE75 16B5 D855 842F AB54 
                          FB5C DDC6 4640 6712 3739
Key server: hkp://wwwkeys.eu.pgp.net
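
The `max` option quoted above, combined with pf's `group` match to cap outbound TCP states for one GID. This is an added example, not part of the original message; the interface `em0`, the group name `shellusers` and the limit of 20 are assumptions.

```conf
# /etc/pf.conf fragment (added example; em0, shellusers and 20 are assumed values)
ext_if = "em0"

# Default-deny outbound TCP so only the pass rules below can create state.
block out on $ext_if proto tcp all

# General rule: every other local socket gets an uncapped stateful pass.
pass out on $ext_if proto tcp all flags S/SA keep state

# pf uses the last matching rule, so sockets owned by group "shellusers"
# end up here. This rule may hold at most 20 concurrent states; once the
# limit is reached, further packets that would create state are dropped
# until existing states time out.
pass out on $ext_if proto tcp all group shellusers \
    flags S/SA keep state (max 20)

# Check syntax without loading:   pfctl -nf /etc/pf.conf
# Load the ruleset:               pfctl -f /etc/pf.conf
# Watch per-rule state counters:  pfctl -vsr
```

The limit is counted per rule, so the 20 states are shared by every member of the group rather than granted to each user. `group` matching applies only to TCP and UDP sockets owned by local processes, not to forwarded traffic.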


