Old 13th January 2018
bryn1u
Port Guard
 
Join Date: May 2009
Posts: 19
PF - connection limit per ip

Hello guys,

I'm reading about connection restriction per IP source.
Code:
stossh   ="(max 100,   source-track rule, max-src-conn 10,  max-src-conn-rate  5/200, overload <bruteforce> flush global)"
Am I translating well? If not, please correct me. Max 100 connections from all. Max 10 established connections per IP? Max 5 connections per IP in 200 sec?
And using it for:
Code:
pass in on $ext_if proto tcp from any to any port { 22 }   $stossh
But what about UDP? For example, a voice server connection. I want to limit connections on port 64738 (Mumble server).
Can I do something like the example above?
Code:
stovoice = "(max 100,   source-track rule, max-src-conn 10,  max-src-conn-rate  5/200, overload <bruteforce> flush global)"
And use it for:
Code:
pass in on $ext_if proto udp from any to any port { 64738 } $stovoice
If I understand correctly, max-src-conn is only for source IP but established. What about UDP? I just want to limit connections per IP, for example 5 IPs.
Thank you.
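An added pf.conf example (not from the post) that writes the limits out with each option commented and gives a UDP variant: pf.conf(5) defines max-src-conn and max-src-conn-rate in terms of completed TCP three-way handshakes and ties overload to those limits, so for UDP the per-source cap is max-src-states. $ext_if, the port numbers and the <bruteforce> table name are the post's; the table declaration and the block rule are assumed.

```pf
# Added example, not from the original post. Assumed: the <bruteforce>
# table is declared here and a block rule consumes it.
table <bruteforce> persist

# Addresses that hit the limits below are blocked by this rule.
block in quick on $ext_if from <bruteforce>

# TCP: max-src-conn and max-src-conn-rate only count connections that
# completed the 3-way handshake, so a spoofed source cannot fill the table.
stossh = "(max 100, source-track rule, max-src-conn 10, max-src-conn-rate 5/200, overload <bruteforce> flush global)"
#   max 100                 - at most 100 state entries created by this rule
#   source-track rule       - keep per-source counters, scoped to this rule
#   max-src-conn 10         - at most 10 established TCP connections per source
#   max-src-conn-rate 5/200 - at most 5 new connections per source per 200 s
#   overload <bruteforce>   - add the offending source to the table ...
#   flush global            - ... and kill all of its existing states
pass in on $ext_if proto tcp from any to any port 22 $stossh

# UDP has no handshake, so max-src-conn and max-src-conn-rate do not apply.
# max-src-states caps the state entries each source may hold; further
# packets from that source simply create no new state (no overload here,
# because overload is triggered by the TCP connection limits above).
stovoice = "(max 100, source-track rule, max-src-states 5)"
pass in on $ext_if proto udp from any to any port 64738 $stovoice
```

Check the result with `pfctl -nf /etc/pf.conf` before loading, and inspect per-source counters with `pfctl -s sources`.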