From owner-freebsd-questions Fri Jan 3 15:49:39 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 45E7B37B401 for ; Fri, 3 Jan 2003 15:49:38 -0800 (PST) Received: from fb.homeunix.org (b3ia35ony1219.ab.hsia.telus.net [66.222.134.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6ABE43EC5 for ; Fri, 3 Jan 2003 15:49:37 -0800 (PST) (envelope-from sysop@fb.homeunix.org) Received: from winxp (winxp [10.0.0.3]) by fb.homeunix.org (8.12.6/8.12.6) with SMTP id h03NnMnA001037; Fri, 3 Jan 2003 16:49:22 -0700 (MST) (envelope-from sysop@fb.homeunix.org) Message-ID: <008801c2b382$bb9352f0$0300000a@winxp> From: "Konstantin Borovik" To: "Hari Bhaskaran" , References: <20030103143545.A83820@spider.netmails.net> Subject: Re: incoming bandwidth limiting using ipfilter Date: Fri, 3 Jan 2003 16:49:19 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG May be /usr/ports/sysutils/ipa is the answer to your problem. Quote from port description: ipa(8) allows to make IP accounting (network accounting) based on FreeBSD IPv4/v6 Firewall (including IPFW2), OpenBSD Packet Filter and IP Filter accounting rules on FreeBSD, NetBSD and OpenBSD. It supports limits for accounting rules and limits events as "limit is reached", "reached limit is expired", etc. It understands time intervals like "end of day", "end of week", "end of month", etc. ipastat(8) is a viewer for IP accounting database made by ipa(8). WWW: http://www.simon.org.ua/ipa/ - Andrey Simonenko simon@simon.org.ua simon@comsys.ntu-kpi.kiev.ua > Hi, > > Is there a way to limit incoming traffic (bandwidth) using > ipfilter/ipfw or any such software tool?. I am running a mail > server and I pay per GB transfered. If I have my ISP do the > limiting, they charge extra $$ for it. I know I can limit > incoming mail size via the mail server. But still doesn't > prevent someone from sending a lot of mail or fill up > a 100mbps line for 24 hrs/day. > > > I am not looking for a perfect solution, and I do realize > ddos attacks and such are still possible. I am only looking > for a reasonable solution. > > Any help is appreciated > > -- > Hari Bhaskaran > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message