Date: Wed, 10 Dec 2003 18:46:08 +0800 From: "Kang Liu" <liukang@bjpu.edu.cn> To: <victor@outblaze.com>, <freebsd-ipfw@freebsd.org> Subject: RE: can ipfw do this? Message-ID: <007501c3bf0a$d283d860$e04e70ca@bjpu.edu.cn> In-Reply-To: <271049355.25780@bjpu.edu.cn>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-ipfw@freebsd.org > [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of victor > Sent: Wednesday, December 10, 2003 5:53 PM > To: freebsd-ipfw@freebsd.org > Subject: can ipfw do this? > > > Forgive me if this question has been asked before, I'm > totoally new to > ipfw. I'm looking forward to setup 'something' to limit the > number of > connection my smtp box would accept from a single IP address and I > pictured firewall would be the most likely candidate. > use ipfw with dynamic rules can slove your problem. e.g. ipfw add allow tcp from any to any established ipfw add allow tcp from some_where to my_server_ip server_some_ports limit src-addr num_of_connection_pre_ip setup I suggest you use ipfw1 if it is a production server, there might be some problems in ipfw2 when use dynamic rules. Kang.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007501c3bf0a$d283d860$e04e70ca>