Hmmm... had that setup - however my connection then was limited to rather low speed. From a 6MBit connection I had suddenly only 2 to 3mbit available. Using the tcclasses config-file.
I don't want to limit people in speed. However, I have identified some port-scanning that were quite heavy sometimes back - and I just wanted to limit the number of new connections per time-frame per host... Any better idea of doing that ? Thanks Joerg <quote who="Tom Eastep"> [...] > with using LIMIT/BURST is that if some people really want fast > access then *other* people may be locked out. LIMIT/BURST limits the total > number of connections *from all clients*. > > If you want to Limit the per-client connection rate, you need to use the > 'Limit' action. With DNAT that means that you must configure separate > DNAT- > and Limit rules. -- ------------------------------------------------------------------------ | Joerg Mertin : [EMAIL PROTECTED] (Home)| | in Forchheim/Germany : [EMAIL PROTECTED] (Alt1)| | Stardust's LiNUX System : | | Web: http://www.solsys.org | ------------------------------------------------------------------------ PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
