From: Will Squire
Subject: Can ipfw be used to limit concurrent requests from an IP?
Date: Fri, 27 May 2016 20:34:56 +0100
To: freebsd-questions@freebsd.org

Can ipfw limit the number of requests in a given amount of time from a specific IP?

To contextualise, if an IP sends requests in high concurrency (let's say 50 a second) can ipfw either block requests that exceed a threshold for that second (let's say the threshold is 20, 30 would be blocked), or ban/deny the given IP for exceeding a threshold?

The aim is to lessen strain under DoS attacks, specifically for HTTP. The system is using Apache and mod_evasive has been added and tested, but it is not functioning correctly.

(P.S. The freebsd-ipfw list seems to be for development of the technology only, so asking this here. Please let me know if this isn’t the case.)

Thanks

Kind regards,
Will Squire