From owner-freebsd-net Wed Mar 20 0: 1:18 2002 Delivered-To: freebsd-net@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id E2C5F37B477 for ; Wed, 20 Mar 2002 00:00:36 -0800 (PST) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g2K80UB42235; Wed, 20 Mar 2002 00:00:30 -0800 (PST) (envelope-from rizzo) Date: Wed, 20 Mar 2002 00:00:30 -0800 From: Luigi Rizzo To: Yusuf Goolamabbas Cc: freebsd-net@FreeBSD.ORG Subject: Re: Is there any mechanism/patch to limit total number of connections/IP Message-ID: <20020320000030.A42197@iguana.icir.org> References: <20020320075658.GA27302@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320075658.GA27302@outblaze.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Mar 20, 2002 at 03:56:58PM +0800, Yusuf Goolamabbas wrote: > Hi, In the Linux netfilter world, there exists a kernel/netfilter > patch called iplimit which does what the subject mention > > Is there anything similar in freebsd or can this be emulated via ipfw > in any form of course :) there is a "limit" option in ipfw which does this. Check the manpage in a recent FreeBSD (4.5) Having implemented it, I still believe that it makes a lot more sense to limit bandwidth using dummynet pipes rather than number of connections (which can be widely different in resource usage). cheers luigi > > http://www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO.html#toc3.3 > > Regards, Yusuf > > -- > Yusuf Goolamabbas > yusufg@outblaze.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message