Date: Wed, 10 Dec 2003 19:08:56 +0800 From: victor <victor@outblaze.com> To: Kang Liu <liukang@bjpu.edu.cn> Cc: freebsd-ipfw@freebsd.org Subject: Re: can ipfw do this? Message-ID: <3FD6FEC8.9090307@outblaze.com> In-Reply-To: <007501c3bf0a$d283d860$e04e70ca@bjpu.edu.cn> References: <007501c3bf0a$d283d860$e04e70ca@bjpu.edu.cn>
next in thread | previous in thread | raw e-mail | index | archive | help
Wonderful! thank you very much sir, I will give this a try asap. Tor. Kang Liu wrote: >>-----Original Message----- >>From: owner-freebsd-ipfw@freebsd.org >>[mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of victor >>Sent: Wednesday, December 10, 2003 5:53 PM >>To: freebsd-ipfw@freebsd.org >>Subject: can ipfw do this? >> >> >>Forgive me if this question has been asked before, I'm >>totoally new to >>ipfw. I'm looking forward to setup 'something' to limit the >>number of >>connection my smtp box would accept from a single IP address and I >>pictured firewall would be the most likely candidate. >> >> >> >use ipfw with dynamic rules can slove your problem. >e.g. >ipfw add allow tcp from any to any established >ipfw add allow tcp from some_where to my_server_ip server_some_ports limit src-addr num_of_connection_pre_ip setup > >I suggest you use ipfw1 if it is a production server, >there might be some problems in ipfw2 when use dynamic rules. > >Kang. > >_______________________________________________ >freebsd-ipfw@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > > -- <!--------------------------------------------- Victor Development Engineer Outblaze Ltd ---------------------------------------------->
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FD6FEC8.9090307>