Date:      Mon, 26 Feb 2007 15:33:26 +0100
From:      "Nikola Stojanoski" <>
To:        "Jordi Moles" <>, <>
Subject:   Re: ipfw along with netstat
Message-ID:  <001401c759b3$1c169ad0$02170a0a@Nikola>
References:  <>

you can use limit for that. here is the part about limit in ipfw manual:

     limit {src-addr | src-port | dst-addr | dst-port} N
             The firewall will only allow N connections with the same set of
             parameters as specified in the rule.  One or more of source and
             destination addresses and ports can be specified.

so a simple way to limit max connections per ip is:

ipfw add allow ip from any to any limit src-addr 100

this way you will limit yourself also with 100 connections per ip, but you 
can play around with recv, xmit, via and other settings to fit your needs


----- Original Message ----- 
From: "Jordi Moles" <>
To: <>
Sent: Monday, February 26, 2007 10:36 AM
Subject: ipfw along with netstat

> hi,
> I've done a lot of research about that but haven't found anything like what I need. I'm 
> running an ipfw firewall on a FreeBSD 6.1 and I wonder if ipfw can add 
> rules automatically when it detects, for example, that an ip address has 
> 100 connections open in the server. I'm doing a similar thing with a perl 
> script and netstat. The script counts how many connections an ip address 
> opened and it automatically adds a new rule to the firewall, but I'm 
> looking for a way in which ipfw does that on its own.
> thank you.

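Added example, not part of the original messages: one way to keep the per-source limit from also capping the server's own connections, as the reply cautions, is to scope the limit rule with recv and xmit. The interface em0, TCP port 80 and the rule numbers are assumptions; the script only prints the ipfw commands unless IPFW is set to the real binary.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed values: interface em0,
# TCP port 80, rule numbers 1000-1200.
# Dry run by default: commands are printed. On a FreeBSD host run with
# IPFW=/sbin/ipfw to install them.
IPFW="${IPFW:-echo ipfw}"

# build_limit_rules IFACE PORT MAX
build_limit_rules() {
    ifc="$1"; port="$2"; max="$3"

    # Reject anything that is not a plain positive number or a simple
    # interface name before it reaches the firewall command line.
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    case "$max"  in ''|*[!0-9]*) echo "bad limit: $max" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    [ "$max" -ge 1 ] || { echo "bad limit: $max" >&2; return 1; }
    case "$ifc" in ''|*[!A-Za-z0-9_.]*) echo "bad interface: $ifc" >&2; return 1 ;; esac

    # Packets of connections that already have dynamic state match here.
    $IPFW -q add 1000 check-state || return 1

    # Inbound connection setups to this host's service only: at most
    # $max concurrent connections from the same source address.
    $IPFW -q add 1100 allow tcp from any to me "$port" in recv "$ifc" \
        setup limit src-addr "$max" || return 1

    # The host's own outbound connections get ordinary state with no
    # per-address cap, so the limit does not apply to the server itself.
    $IPFW -q add 1200 allow ip from me to any out xmit "$ifc" keep-state || return 1
}

build_limit_rules em0 80 100
```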