On Fri, 11 Jan 2002, Abdul Basit wrote: > hey > i wonder how can you implement rule of this type > 'if more than 4 connections from same IP connects > to port 80(or any port) of some dest. IP then block it ? '
It's probably possible with a few tools, but it's also probably a really bad idea for HTTP. > do application level firewalls handles it ? > if then do anyone know of any for *BSD systems ? There's probably some QoS stuff that will do it, or wouldn't take much changing to do it. If not, try looking for load balancing things. It really sounds like you're looking for a QoS type solutions though. Don't forget that HTTP clients generally do a GET for each page, as well as for each image on a page, each with a seperate connection- that means that a page with 4 images wouldn't load correctly if you tried to implement this for an HTTP 1.0 client accessing a Web server. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
