From owner-freebsd-questions@FreeBSD.ORG  Wed Jun  6 10:48:34 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 0CE2016A46F
	for <freebsd-questions@freebsd.org>;
	Wed,  6 Jun 2007 10:48:34 +0000 (UTC)
	(envelope-from almarrie@gmail.com)
Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.248])
	by mx1.freebsd.org (Postfix) with ESMTP id 1F1BF13C448
	for <freebsd-questions@freebsd.org>;
	Wed,  6 Jun 2007 10:48:31 +0000 (UTC)
	(envelope-from almarrie@gmail.com)
Received: by an-out-0708.google.com with SMTP id c14so23521anc
	for <freebsd-questions@freebsd.org>;
	Wed, 06 Jun 2007 03:48:31 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=pSrhY1fCQuCm1i2hX27XVmecveFQq6lYGnXRSCZeOVGcd+NJF+T/OhfQzUZ/Cb/eOb/J6J/dQQ+GD2lG1t1gV1vgveT7oTaVHTf6yMmqD47HBPy8zzuV9s+qJqKcVTCgOWnyXEeobndCunDjDBNO+mX+fDQczQ6+Yp8XivL857A=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=krfvD6p/bO9pMpHs/rBCEQnLpIqHgecSfNjrlCiZGoHPBWbJgIKXUxRIkx5mhvio1SpqGlx/6ZW5+eat0+gkXTySERh/3tan3lG3mnbHw7whbcTN6aXBRmHsLzzTfNEkacLmx8GNXIKyvaq53qKecR4PgPQfgkMSgIuZiXMa1J0=
Received: by 10.100.40.17 with SMTP id n17mr194973ann.1181126911337;
	Wed, 06 Jun 2007 03:48:31 -0700 (PDT)
Received: by 10.100.9.14 with HTTP; Wed, 6 Jun 2007 03:48:31 -0700 (PDT)
Message-ID: <499c70c0706060348kbd4b9ap8508f5cd32a33e82@mail.gmail.com>
Date: Wed, 6 Jun 2007 13:48:31 +0300
From: "Abdullah Ibn Hamad Al-Marri" <almarrie@gmail.com>
To: Freminlins <freminlins@gmail.com>
In-Reply-To: <eeef1a4c0706060315i2bac1443w2acb0e29dd46652f@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <eeef1a4c0706060315i2bac1443w2acb0e29dd46652f@mail.gmail.com>
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: ipfw - limit other networks
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jun 2007 10:48:34 -0000

On 6/6/07, Freminlins <freminlins@gmail.com> wrote:
> Hi,
>
> I am trying to limit the number of connections from "foreign" networks to a
> server. I don't want to limit bandwidth, just the number of connections.
> Let's say I have a network 192.168.1.0/24. I want to allow 192.168.2.0/24 to
> have at most 50 connections. I want to allow 192.168.3.0/24 to have 20
> connections. And so on. Is this even possible? Some applications can do this
> but I would prefer to do this at the network level.
>
> I can limit connections on a per IP basis easily, but that isn't what I am
> looking for.
>
>
> Cheers,
> Frem.

Hello Frem,

You may need to check pf instead of ipfw.
-- 
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/