On Thu, Dec 11, 2003 at 04:38:46PM -0000, Dom De Vitto wrote:
> I know where you're heading with this, and every pass rule can
> specify the number of connections, as well as other things.

  This is different from what Yusuf asked for.
  
  What you can specify is the global number of connections. If you specify
20 and someone keeps 20 open connections, no one can connect, even from
other networks.

  What he needs is a limit per network, for instance 20 connections per /24.
DoS is still possible, but only distributed; it at least stops some kiddies.
  
  The global limit is distinct and can be way higher.
  
  And no, PF doesn't support this.
  
-- 
 __  /*-    Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com>    -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a>  \/
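
The difference between the global limit and the per-network limit described in this message, shown as an added example that is not part of the original post and is not PF code. The `ConnLimiter` class, the caps of 20 and 200, and the documentation-range addresses are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

class ConnLimiter:
    """Tracks open connections against a global cap and a per-network cap."""

    def __init__(self, global_max, per_net_max=None, prefix_len=24):
        self.global_max = global_max
        self.per_net_max = per_net_max   # None = global cap only
        self.prefix_len = prefix_len     # IPv4 prefix length, /24 as in the message
        self.total = 0
        self.per_net = Counter()

    def _net(self, src):
        # Collapse the source address to its covering network, e.g. its /24.
        return ipaddress.ip_network(f"{src}/{self.prefix_len}", strict=False)

    def open(self, src):
        net = self._net(src)
        if self.total >= self.global_max:
            return False                 # global table full: everyone is refused
        if self.per_net_max is not None and self.per_net[net] >= self.per_net_max:
            return False                 # only this network is refused
        self.total += 1
        self.per_net[net] += 1
        return True

    def close(self, src):
        net = self._net(src)
        if self.per_net[net] > 0:
            self.per_net[net] -= 1
            self.total -= 1
            if self.per_net[net] == 0:
                del self.per_net[net]    # drop idle networks from the table

def simulate(limiter, hog="192.0.2.10", other="198.51.100.7", attempts=25):
    """One source tries to hold `attempts` connections, then another network connects."""
    accepted = sum(limiter.open(hog) for _ in range(attempts))
    return accepted, limiter.open(other)

# Constructed scenario: (connections the hog obtained, whether the other network got in).
global_only = simulate(ConnLimiter(global_max=20))
per_net = simulate(ConnLimiter(global_max=200, per_net_max=20))
```
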
