I want to use PF as the firewall for a web server; our web server is Apache.
I read this link:
http://www.openbsd.org/faq/pf/filter.html
but I cannot understand this section:
Code:
An example:
table <abusive_hosts> persist
block in quick from <abusive_hosts>
pass in on $ext_if proto tcp to $web_server \
    port www flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_hosts> flush)
This does the following:
* Limits the maximum number of connections per source to 100
* Rate limits the number of connections to 15 in a 5 second span
* Puts the IP address of any host that breaks these limits into the <abusive_hosts> table
* For any offending IP addresses, flush any states created by this rule.
So I understand this:
For example, if some user with this IP
192.168.0.52
connects to my web server, he or she can only open 15 pages in 5 seconds; if he or she opens new pages, pf blocks him.
And I understand this:
a user with 192.168.0.53 cannot open more than 15 pages or cannot make more than 15 connections in 5 seconds.
Am I right?
Do I understand this correctly?
With this rule, each IP can have 15 connections in 5 seconds.
Please, can someone explain this section better for me?
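
What the quoted FAQ rule does to each source address, as an added example that is not part of the original post or the PF FAQ: a simplified Python model in which both limits count TCP connections per source IP. The class and method names are hypothetical, and the sliding-window rate check is an assumption standing in for PF's own rate accounting.

```python
from collections import defaultdict, deque

MAX_SRC_CONN = 100               # max-src-conn 100 (simultaneous connections)
RATE_COUNT, RATE_SECS = 15, 5    # max-src-conn-rate 15/5


class WebRule:
    """Simplified model of the FAQ rule; every counter is kept per source IP."""

    def __init__(self):
        self.abusive_hosts = set()        # the <abusive_hosts> table
        self.states = defaultdict(set)    # src -> ids of open connections
        self.recent = defaultdict(deque)  # src -> times of recent new connections
        self._next_id = 0

    def connect(self, src, now):
        """One completed TCP handshake from src at time `now` (whole seconds)."""
        if src in self.abusive_hosts:
            return "block"                # block in quick from <abusive_hosts>
        window = self.recent[src]
        while window and now - window[0] >= RATE_SECS:
            window.popleft()              # forget connections older than 5 s
        window.append(now)
        self._next_id += 1
        self.states[src].add(self._next_id)
        too_fast = len(window) > RATE_COUNT
        too_many = len(self.states[src]) > MAX_SRC_CONN
        if too_fast or too_many:
            self.abusive_hosts.add(src)   # overload <abusive_hosts>
            self.states[src].clear()      # flush: drop this source's states
            return "overload"
        return "pass"


if __name__ == "__main__":
    fw = WebRule()
    # Constructed traffic: 17 connections from one host, four per second.
    for i in range(17):
        print(i + 1, fw.connect("192.168.0.52", i // 4))
    # A second host is counted separately and is unaffected by the first.
    print(fw.connect("192.168.0.53", 4))
```

Once an address is in the persistent table it stays blocked until it is removed, for example with `pfctl -t abusive_hosts -T delete <address>`.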