[OmniOS-discuss] IPFILTER Rate Limiting
Dan McDonald
danmcd at omniti.com
Tue Apr 25 17:41:36 UTC 2017
Read up on flowadm(1M) - this is a better tool for rate limiting.
Dan
Sent from my iPhone (typos, autocorrect, and all)
> On Apr 25, 2017, at 1:29 PM, Software Information <softwareinforjam at gmail.com> wrote:
>
> Hi All
> I have been trying to find some ipfilter documentation that will show me how to rate limit to a particular port in OmniOS. I really want to rate limit users logging on using ssh to seriously discourage the brute forcers. I am more used to putting lines like this in pf.conf on a BSD.
>
> 1. table <abusive_ips> persist
>
> 2. block in quick from <abusive_ips>
>
> 3. pass in on $interface proto tcp to $interface port 53 flags S/SA keep state \
> (max-src-conn-rate 15/5, overload <abusive_ips> flush)
>
> Can anyone show me where some good docs are on how to accomplish this on Omni?
>
> Regards
>
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170425/7153e547/attachment-0001.html>
More information about the OmniOS-discuss
mailing list