Hello guys,
I'm reading about connection restriction per source IP.
Code:
stossh ="(max 100, source-track rule, max-src-conn 10, max-src-conn-rate 5/200, overload <bruteforce> flush global)"
Am I translating this well? If not, please correct me. Max 100 connections from all. Max 10 established connections per IP? Max 5 connections per IP in 200 sec?
And using it for:
Code:
pass in on $ext_if proto tcp from any to any port { 22 } $stossh
But what about UDP? For example, a voice server connection. I want to limit connections on port 64738 (Mumble server).
Can I do something like the example above?
Code:
stovoice = "(max 100, source-track rule, max-src-conn 10, max-src-conn-rate 5/200, overload <bruteforce> flush global)"
And use it for:
Code:
pass in on $ext_if proto udp from any to any port { 64738 } $stovoice
If I understand correctly, max-src-conn is only for source IPs, but established connections. What about UDP? I just want to limit connections per IP, for example 5 IPs.
Thank you.
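An added pf.conf example (not part of the original post) that puts the TCP options from the post beside a UDP rule for the Mumble port using the state-based limits documented in pf.conf(5). The interface name, the explicit `keep state` keyword, and the `max-src-nodes` / `max-src-states` values are assumptions chosen for illustration.

```pf
# Added example, not the poster's ruleset. Interface name is an assumption.
ext_if = "em0"

# Table filled by the overload option on the TCP rule below.
table <bruteforce> persist
block in quick on $ext_if from <bruteforce>

# TCP (SSH), options as in the post:
#   max 100                 - at most 100 state entries created by this rule
#   source-track rule       - per-source counters are kept per rule
#   max-src-conn 10         - at most 10 simultaneous TCP connections per
#                             source that completed the 3-way handshake
#   max-src-conn-rate 5/200 - at most 5 new handshake-completed connections
#                             per source within 200 seconds
#   overload ... flush global - offenders go into <bruteforce> and all of
#                             their existing states are killed
pass in on $ext_if proto tcp from any to any port 22 \
    keep state (max 100, source-track rule, max-src-conn 10, \
                max-src-conn-rate 5/200, overload <bruteforce> flush global)

# UDP (Mumble): there is no handshake, so max-src-conn, max-src-conn-rate
# and overload never trigger. Limit state entries instead:
#   max-src-nodes 5   - at most 5 distinct source addresses may hold
#                       states on this rule at the same time
#   max-src-states 10 - at most 10 simultaneous state entries per source
pass in on $ext_if proto udp from any to any port 64738 \
    keep state (max 100, source-track rule, \
                max-src-nodes 5, max-src-states 10)
```

UDP source addresses are not verified by a handshake, so these limits cap resource use but cannot safely feed a block table the way `overload` does for TCP. Check the ruleset with `pfctl -nf /etc/pf.conf` before loading it.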