From: Freminlins
To: "FreeBSD Questions"
Date: Wed, 6 Jun 2007 11:15:20 +0100
Subject: ipfw - limit other networks

Hi,

I am trying to limit the number of connections from "foreign" networks to a server. I don't want to limit bandwidth, just the number of connections.

Let's say I have a network 192.168.1.0/24. I want to allow 192.168.2.0/24 to have at most 50 connections. I want to allow 192.168.3.0/24 to have 20 connections. And so on.

Is this even possible? Some applications can do this but I would prefer to do this at the network level. I can limit connections on a per IP basis easily, but that isn't what I am looking for.

Cheers,

Frem.