[OmniOS-discuss] IPFILTER Rate Limiting
Brad Stone
bstone at aspirinsoftware.com
Tue Apr 25 17:52:58 UTC 2017
I could be wrong, but I think flowadm can control only the priority and max
bandwidth for the traffic, not
the connection rate.
-Brad
On Tue, Apr 25, 2017 at 10:41 AM, Dan McDonald <danmcd at omniti.com> wrote:
> Read up on flowadm(1M) - this is a better tool for rate limiting.
>
> Dan
>
> Sent from my iPhone (typos, autocorrect, and all)
>
> On Apr 25, 2017, at 1:29 PM, Software Information <
> softwareinforjam at gmail.com> wrote:
>
> Hi All
> I have been trying to find some ipfilter documentation that will show me
> how to rate limit to a particular port in OmniOS. I really want to rate
> limit users logging on using ssh to seriously discourage the brute forcers.
> I am more used to putting lines like this in pf.conf on a BSD.
>
> 1. table <abusive_ips> persist
>
>
> 2. block in quick from <abusive_ips>
>
>
> 3. pass in on $interface proto tcp to $interface port 53 flags S/SA keep
> state \
> (max-src-conn-rate 15/5, overload <abusive_ips> flush)
>
> Can anyone show me where some good docs are on how to accomplish this on
> Omni?
>
> Regards
>
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
>
>
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170425/22f202dd/attachment.html>
More information about the OmniOS-discuss
mailing list