-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Antonio Montani Jimenez wrote:
| Hello everyone.
| I have been searching for a while on the net but have not found
| anything similar to what I need.
| I have a management server that must authenticate to a RADIUS server.
| When the MGT sends the auth request, the RADIUS server answers in about
| 2 seconds. The issue is that the MGT server will send a new request 1
| second after the first one, and the RADIUS server will not reply and
| block the address because it is receiving 2 requests from the same
| server and it thinks there is a security breach.
| I thought I could use the --limit option on iptables (will allow the
| server to send ONLY one request per second and block the rest), but I'm
| working on Solaris, and what I found was ipfilter, not iptables. I have
| not, however, found a similar option that limits the amount of
| determinate packets on a time basis (1 udp packet going to some port
| will pass only every 2 seconds).
| Is there a feature that will support this?

I think what you want is:

pass in quick proto udp from any to radius_server port = radius_port pps 1

(pps = packets per second)

Darren
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiHr4QACgkQP7JIXtvLbFUktgCeLgoWBB8/5tk1J4AnkD7MBS0M
W5QAoObHOXM3nXii8LhlnIodfkwRT6wi
=Z+S/
-----END PGP SIGNATURE-----