Packet rate limiter
Peter N. M. Hansteen
peter at bsdly.net
Thu Feb 8 11:04:34 UTC 2007
Jan Sebosik <sebosik at demax.sk> writes:
> is there any way how to limit packet per second [PPS] rate to specified
> IP (group of IP) ?
The closest I can think of off the top of my head is defining a PF
rule set with queues (ALTQ), however you will be specifying bandwidth,
that is in bits per second (or k,M,G multiples of) of percentage of
available bandwidth, not number of packets. Your groups of source
addresses could be maintained as tables for easy manipulation.
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
More information about the freebsd-questions
mailing list