Date: Mon, 5 Feb 2001 08:42:18 -0600
From: Lucas Bergman
To: Richard Ward
Cc: freebsd-questions@freebsd.org
Subject: Re: Limiting connections w/ ftpd
Message-ID: <20010205084218.A19317@billygoat.slb.to>
Reply-To: lucas@slb.to
In-Reply-To: <009d01c08f3d$f7a77de0$0101a8c0@pavilion>; from mh@neonsky.net on Mon, Feb 05, 2001 at 01:36:23AM -0500

> I've been recently getting flooded with connections via ftp, and I
> was wondering how to limit ftp connections per IP address to stop
> "connection floods" from a single host name. I can't find much
> documentation on the standard FreeBSD "ftpd" that explains how this
> would be done.

ftpd doesn't know how many simultaneous connections are being made,
since each ftpd only handles one connection; inetd handles the
starting of multiple daemons. Stock inetd does not have a facility
for concurrency limits. You'll have to use /TCP Wrappers/ or
/ucspi-tcp/; they're both in ports. I've used /ucspi-tcp/ with good
results.

Lucas
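
The reply above places the limit in whatever accepts connections and starts one daemon per client. The following is an added example, not part of the original message and not how inetd, TCP Wrappers or ucspi-tcp are implemented: a minimal inetd-style launcher that refuses a client before any daemon is started once its address holds too many live children. The names Admission, reap and serve and the limits 2 and 40 are assumptions.

```python
import os, socket, sys
from collections import Counter

class Admission:
    """Per-source-IP and total caps on live children (hypothetical helper)."""
    def __init__(self, per_ip, total):
        self.per_ip, self.total = per_ip, total
        self.by_pid = {}          # child pid -> source IP
        self.by_ip = Counter()    # source IP -> number of live children
    def admit(self, ip):
        return len(self.by_pid) < self.total and self.by_ip[ip] < self.per_ip
    def started(self, pid, ip):
        self.by_pid[pid] = ip
        self.by_ip[ip] += 1
    def exited(self, pid):
        ip = self.by_pid.pop(pid, None)   # unknown pids are ignored
        if ip is not None:
            self.by_ip[ip] -= 1
            if self.by_ip[ip] == 0:
                del self.by_ip[ip]

def reap(adm):  # collect finished children without blocking, freeing their slots
    while adm.by_pid:
        try:
            pid, _ = os.waitpid(-1, os.WNOHANG)
        except ChildProcessError:
            break
        if pid == 0:
            break
        adm.exited(pid)

def serve(port, argv, adm):
    lsock = socket.create_server(("", port))
    while True:
        conn, (ip, _) = lsock.accept()
        reap(adm)                  # slots only matter when a client arrives
        if adm.admit(ip):
            pid = os.fork()
            if pid == 0:           # child: socket on fds 0 and 1, as under inetd
                try:
                    os.dup2(conn.fileno(), 0)
                    os.dup2(conn.fileno(), 1)
                    os.execv(argv[0], argv)
                finally:
                    os._exit(127)  # only reached if exec failed
            adm.started(pid, ip)
        conn.close()               # parent's copy; over-limit clients are dropped here

if __name__ == "__main__":         # usage: PORT PROGRAM [ARGS...]; limits are assumed
    serve(int(sys.argv[1]), sys.argv[2:], Admission(per_ip=2, total=40))
```

The per-connection daemon needs no changes, because the count lives in the parent that forks it.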