Re: Limit number of outgoing connections

To:	ipfilter@coombs.anu.edu.au
Subject:	Re: Limit number of outgoing connections
From:	"a b" <tripivceta@hotmail.com>
Date:	Fri, 22 Dec 2006 18:59:05 +0100
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	ipfilter-list@securepoint.com
In-reply-to:	<458BCFA8.2090002@reed.wattle.id.au>
Sender:	owner-ipfilter@coombs.anu.edu.au

You can define a limit per-rule, like this:

pass in proto tcp from any to any port  6881:6889  flags S keep state
(limit 10)


Hello Darren,

would you please elaborate more on the ####:#### port syntax? Must the(limit N) syntax be always combined with a port construct?

pass in proto tcp from any to any port  6881:6889  flags S keep state
pass in proto tcp from any to any port = ssh flags S keep state (limit10)
Will *always allow* upto 10 ssh connections, even if there are 100
bittorrent
connections.

Wouldn't it be cleaner to increase the size of the state table via an IPFdirective?


_________________________________________________________________

Express yourself instantly with MSN Messenger! Download today it's FREE!http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

<Prev in Thread]	Current Thread	[Next in Thread>
Limit number of outgoing connections, Toomas Aas Re: Limit number of outgoing connections, Darren Reed Re: Limit number of outgoing connections, a b <= Re: Limit number of outgoing connections, Darren Reed

Previous by Date:	Re: NAT and age, Darren Reed
Next by Date:	Re: Limit number of outgoing connections, Darren Reed
Previous by Thread:	Re: Limit number of outgoing connections, Darren Reed
Next by Thread:	Re: Limit number of outgoing connections, Darren Reed
Indexes:	[Date] [Thread] [Top] [All Lists]