rate limit with pf instead of IPFW
John Smith
almarrie at gmail.com
Thu Nov 23 19:01:14 UTC 2006
On 11/23/06, Jon Simola <jsimola at gmail.com> wrote:
> On 11/23/06, John Smith <almarrie at gmail.com> wrote:
> > Greetings BPF gurus!
>
> PF? bpf is different and has little to do with firewalling.
>
> > Could someone please give me full example to setup
> > limit {src-addr | src-port | dst-addr | dst-port} to do what IPFW
> > 01000 allow tcp from any to me setup limit src-addr 5 currently does
>
> I use something like this:
>
> pass in on $ext_if proto tcp from any to $ext_if port smtp flags S/SA
> keep state (source-track rule, mac-src-states 5)
>
> --
Greetings Jon,
Could you please post your pf.conf with the rules so I can use it as a guide?
Thank you,
-J
> Jon
>
More information about the freebsd-pf
mailing list