View Single Post
  #2   (View Single Post)  
Old 8th December 2019
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
Join Date: May 2008
Location: USA
Posts: 7,109

Originally Posted by victorvas View Post
...only must be allowed SSH connections...
Inbound or Outbound?
... and only user admin must be allowed to connect via SSH.
Filtering by user or group can only be done for packets that originate on or are destined for the system that is running PF. If the system is acting as a router, user or group filtering is not possible. Group and user filtering is determined by the group/user of the process transmitting or the process listening.
Also we would like to limit bandwidth for admin if that's possible.
Certainly, but only for outbound traffic. Arriving traffic cannot be queued, it is processed on arrival.
Reply With Quote