From owner-freebsd-hackers Sun Jun 23 10:42:51 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id D708B37B400; Sun, 23 Jun 2002 10:42:43 -0700 (PDT) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g5NHghB05915; Sun, 23 Jun 2002 10:42:43 -0700 (PDT) (envelope-from rizzo) Date: Sun, 23 Jun 2002 10:42:43 -0700 From: Luigi Rizzo To: Nik Clayton Cc: Giorgos Keramidas , hackers@FreeBSD.ORG Subject: Re: Limiting clients per source IP address (ftpd, inetd, etc.) Message-ID: <20020623104243.A5734@iguana.icir.org> References: <20020621000924.GA2178@hades.hell.gr> <20020623181950.A42156@clan.nothing-going-on.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020623181950.A42156@clan.nothing-going-on.org>; from nik@FreeBSD.ORG on Sun, Jun 23, 2002 at 06:19:51PM +0100 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jun 23, 2002 at 06:19:51PM +0100, Nik Clayton wrote: > On Fri, Jun 21, 2002 at 03:09:25AM +0300, Giorgos Keramidas wrote: > > I've been thinking for quite some time to add per-client-IP limiting > > to ftpd, > > I needed to do this. > > Then I discovered that ipfw's "limit" directive lets you limit the > number of incoming connections, which proved much more powerful. the funny thing is that when i implemented it i thought it was completely useless :) As a matter of fact, I still think that, at least for resource management purposes. It may have its good use for protection against denial-of-service attacks though. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message