tcp session limit with ipfw
dnr
dnr at freemail.lt
Fri May 27 05:19:37 PDT 2005
Is there any possibility to limit the TCP session count, let's say from 3 to 2, for any port separately?
For example:
Establishing 3 active FTP sessions from 10.10.10.2 to 10.10.10.1 and doing a transfer via 1 session, we have:
10.10.10.1.ftp - 10.10.10.2.57185 - ESTABLISHED
10.10.10.1.ftp - 10.10.10.2.55069 - ESTABLISHED
10.10.10.1.ftp - 10.10.10.2.60589 - ESTABLISHED
10.10.10.1.ftp - 10.10.10.2.59201 - TIME_WAIT
10.10.10.1.ftp - 10.10.10.2.57144 - TIME_WAIT
10.10.10.1.ftp - 10.10.10.2.61237 - ESTABLISHED ---> DATA transfer
So, how do I limit, using IPFW, any other attempts to establish FTP session number 4, 5, etc., so we could use a maximum of 3 sessions / 1 IP address?
Thanks
More information about the freebsd-net mailing list