From owner-freebsd-questions  Tue May 29 13:56:49 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from relay4.inwind.it (relay4.inwind.it [212.141.53.75])
	by hub.freebsd.org (Postfix) with ESMTP id 118E337B43F
	for <questions@FreeBSD.ORG>; Tue, 29 May 2001 13:56:31 -0700 (PDT)
	(envelope-from fcasadei@inwind.it)
Received: from [62.98.202.60] (62.98.202.60) by relay4.inwind.it (5.5.029)
        id 3AF9945F00653271 for questions@FreeBSD.ORG; Tue, 29 May 2001 22:56:06 +0200
Received: (qmail 6231 invoked by uid 1000); 29 May 2001 20:54:16 -0000
Date: Tue, 29 May 2001 22:54:16 +0200
From: Francesco Casadei <fcasadei@inwind.it>
To: "Ilia E. Chipitsine" <ilia@cgu.chel.su>
Cc: questions@FreeBSD.ORG
Subject: Re: limiting TCP connections (basic firewall tricks)
Message-ID: <20010529225416.A6101@goku.kasby>
References: <Pine.BSF.4.33.0105291034490.23467-100000@mail.cgu.chel.su>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="ReaqsoxgOBHFXBhH"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.33.0105291034490.23467-100000@mail.cgu.chel.su>; from ilia@cgu.chel.su on Tue, May 29, 2001 at 10:37:36AM +0600
X-Operating-System: FreeBSD 4.3-STABLE i386
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


--ReaqsoxgOBHFXBhH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, May 29, 2001 at 10:37:36AM +0600, Ilia E. Chipitsine wrote:
> Dear Sirs,
>=20
> I don't want to block connections from bad.host.com to good.host.com
> at port 3128, I'd like that there would be no more than 10 sessions
> simultenously in any state (even in TIME_WAIT), I do not want to block
> connections at all.
>=20
> any suggestions ?
>=20
> regards,
> Ilia Chipitsine
>=20
>=20
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>=20
> end of the original message

Take a look at D. J. Bernstein's ucspi-tcp package, it contains a program
called tcpserver that handles incoming TCP connections.
Visit http://cr.yp.to/ucspi-tcp/tcpserver.html for more information.

	Francesco Casadei

--=20
You can download my public key from http://digilander.iol.it/fcasadei/
or retrieve it from a keyserver (pgpkeys.mit.edu, wwwkeys.pgp.net, ...)

Key fingerprint is: 1671 9A23 ACB4 520A E7EE  00B0 7EC3 375F 164E B17B


--ReaqsoxgOBHFXBhH
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7FAx4fsM3XxZOsXsRAqapAJ9xxWUmEotzLfYBTBoM74EDaMITSwCgo1f0
G1IAOIB9xBbZTcMK99EMK+E=
=ziSI
-----END PGP SIGNATURE-----

--ReaqsoxgOBHFXBhH--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message