Date: Wed, 1 May 2002 11:35:17 -0400 From: "Colin Legendre" <sudz@ns3g.com> To: "hh" <hh@dsgx.org>, <freebsd-questions@FreeBSD.ORG> Subject: RE: see this . Message-ID: <EGEAJNBPMIDPDNBOENHFOEDPFDAA.sudz@ns3g.com> In-Reply-To: <20020501024051.42e9f1b9.hh@dsgx.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Did you only CVSUP or did you also make world after? Simply cvsup does not update ipfw, you also need to rebuild the world and your kernel after. Colin Legendre CCNP, MCP sudz@ns3g.com http://www.ns3g.com -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of hh Sent: Tuesday, April 30, 2002 10:41 PM To: freebsd-questions@FreeBSD.ORG Subject: see this . i made cvsup so i could get the latest version of ipfw .. so i could use the limit option but guess some# man ipfw |grep limit These dynamic rules, which have a limited lifetime, are checked at the limitation using WF2Q). ging limit rather than net.inet.ip.fw.verbose_limit, where the value ``0'' removes the logging limit. Logging may then be re- Console logging and the log limit are adjustable dynamically limited to the bits which are set in the mask. and the length of the port list is limited to IP_FW_MAX_PORTS same protocol. The rule has a limited lifetime (con- A value of 0 (default) means unlimited bandwidth. The unit must Maximum number of dynamic rules. When you hit this limit, no A first and efficient way to limit access (not using dynamic rules) is To limit the number of connections a user can open you can use the fol- ipfw add allow tcp from my-net/24 to any setup limit src-addr 10 -> ipfw add allow tcp from any to me setup limit src-addr 4 such attacks can be partially limited by acting on a set of sysctl(8) We can use pipes to artificially limit bandwidth, e.g. on a machine act- ing as a router, if we want to limit traffic from local clients on Should we like to simulate a bidirectional link with bandwidth limita- connection often becomes a limiting factor much more than bandwidth: all traffic. Because the pipes have no limitations, the only effect is A more sophisticated example is limiting the outbound traffic on a net with per-host limits, rather than per-network limits: that's the option im try 1.1.1.1 -> i changed because i didn't wanna tell my real addr .. oh well u guys can understand and im running in 4.4-RELEASE-p9 i updated the src .. probably is 4.5p4 now .. and on the another machine is an 4.5p2 .. and this same commands works .. how should i proceed ? the only way is to build/install world .. and recompile kernel and reboot ? thx for your time some# ipfw add allow tcp from any to 1.1.1.1 80 limit src-addr 20 ipfw: error: unknown argument ``limit'' .. and bellow here show me all the help of ipfw .. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EGEAJNBPMIDPDNBOENHFOEDPFDAA.sudz>