Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 1 May 2002 02:40:51 +0000
From:      hh <hh@dsgx.org>
To:        freebsd-questions@freebsd.org
Subject:   see this .
Message-ID:  <20020501024051.42e9f1b9.hh@dsgx.org>
next in thread | raw e-mail | index | archive | help 

i made cvsup so i could get the latest version of ipfw .. so i could use the limit option but guess
some# man ipfw |grep limit
     These dynamic rules, which have a limited lifetime, are checked at the
                     limitation using WF2Q).
             ging limit rather than net.inet.ip.fw.verbose_limit, where the
             value ``0'' removes the logging limit.  Logging may then be re-
             Console logging and the log limit are adjustable dynamically
             limited to the bits which are set in the mask.
             and the length of the port list is limited to IP_FW_MAX_PORTS
                     same protocol.  The rule has a limited lifetime (con-
             A value of 0 (default) means unlimited bandwidth.  The unit must
             Maximum number of dynamic rules.  When you hit this limit, no
     A first and efficient way to limit access (not using dynamic rules) is
     To limit the number of connections a user can open you can use the fol-
           ipfw add allow tcp from my-net/24 to any setup limit src-addr 10
->           ipfw add allow tcp from any to me setup limit src-addr 4
     such attacks can be partially limited by acting on a set of sysctl(8)
     We can use pipes to artificially limit bandwidth, e.g. on a machine act-
     ing as a router, if we want to limit traffic from local clients on
     Should we like to simulate a bidirectional link with bandwidth limita-
     connection often becomes a limiting factor much more than bandwidth:
     all traffic.  Because the pipes have no limitations, the only effect is
     A more sophisticated example is limiting the outbound traffic on a net
     with per-host limits, rather than per-network limits:


that's the option im try
1.1.1.1 -> i changed because i didn't wanna tell my real addr .. oh well u guys can understand
and im running in 
4.4-RELEASE-p9 
i updated the src .. probably is 4.5p4 now .. 
and on the another machine is an 4.5p2 .. and this same commands works .. how should i proceed ? the only way is to build/install world .. and recompile kernel and reboot ? 
thx for your time


some# ipfw add allow tcp from any to 1.1.1.1 80 limit src-addr 20
ipfw: error: unknown argument ``limit''

.. and bellow here show me all the help of ipfw ..

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020501024051.42e9f1b9.hh>