I know where you're heading with this, and every pass rule can
specify the number of connections, as well as other things.

man pf.conf for details, but this was taken right from it:
           pass in proto tcp from any to any \
                 port www flags S/SA keep state \
                 (max 100, tcp.established 60, tcp.closing 5)

Enjoy.
Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto                                       Tel. 07855 805 271
http://www.devitto.com                         mailto:[EMAIL PROTECTED]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Yusuf Goolamabbas
Sent: Thursday, December 11, 2003 12:31 PM
To: [EMAIL PROTECTED]
Subject: Anything approximating ipfw 'limit' mechanism

Hi, is there anything planned for pf or available right now which can
approximate FreeBSD's ipfw 'limit' mechanism?

 limit {src-addr | src-port | dst-addr | dst-port} N
  The firewall will only allow N connections with the same set of
  parameters as specified in the rule.  One or more of source and
  destination addresses and ports can be specified.

Nice to have: limits per /24, i.e., N connections from any or defined /24
coming in.

Regards, Yusuf
--
If you're not using Firebird, you're not surfing the web 
   you're suffering it
http://www.mozilla.org/products/firebird/why/
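
An added sketch, not from either poster and not pf or ipfw code: a toy Python model contrasting a rule-wide state cap (the `max 100` in the pf.conf rule quoted above) with a per-source limit in the style of ipfw's `limit src-addr N`, plus the per-/24 variant asked about. The class, function names and sample traffic are constructed for illustration, and states never expire in this model.

```python
import ipaddress
from collections import Counter


class StateTable:
    """Toy admission check for one stateful rule (illustrative model only)."""

    def __init__(self, rule_max=None, per_key_max=None, prefix_len=32):
        self.rule_max = rule_max        # rule-wide cap, like `max 100` above
        self.per_key_max = per_key_max  # per-source cap, like `limit src-addr N`
        self.prefix_len = prefix_len    # 32 = per host, 24 = per /24
        self.total = 0
        self.per_key = Counter()

    def _key(self, src):
        # Collapse the source address to its covering prefix.
        return str(ipaddress.ip_network(f"{src}/{self.prefix_len}", strict=False))

    def admit(self, src):
        key = self._key(src)
        if self.rule_max is not None and self.total >= self.rule_max:
            return False  # rule is full, whoever filled it
        if self.per_key_max is not None and self.per_key[key] >= self.per_key_max:
            return False  # only this source (or /24) is over its share
        self.total += 1
        self.per_key[key] += 1
        return True


def admitted_per_source(table, sources):
    """Replay connection attempts in order; count admitted ones per source."""
    admitted = Counter()
    for src in sources:
        if table.admit(src):
            admitted[src] += 1
    return admitted


# Constructed traffic: one host opens 150 connections, then 20 hosts in
# another /24 open one connection each (documentation address ranges).
NOISY = "198.51.100.7"
OTHERS = [f"203.0.113.{i}" for i in range(1, 21)]
TRAFFIC = [NOISY] * 150 + OTHERS

if __name__ == "__main__":
    for label, table in [("rule-wide max 100", StateTable(rule_max=100)),
                         ("per host, limit 10", StateTable(per_key_max=10)),
                         ("per /24, limit 10", StateTable(per_key_max=10, prefix_len=24))]:
        got = admitted_per_source(table, TRAFFIC)
        print(label, "noisy:", got[NOISY], "others:", sum(got[o] for o in OTHERS))
```

With the rule-wide cap, the single busy host consumes every slot and the later sources are refused; with a per-source key, only the busy host (or the busy /24) is held to its share.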

