DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 28th November 2017
marianh marianh is offline
New User
 
Join Date: Nov 2017
Posts: 1
Default PF: UDP rate limiting

How does one rate limit UDP on PF enabled gateway?
For example I would like to limit 10.1.2.0/24 to max 100 UDP packets per second.
How do I achieve that?
Reply With Quote
  #2   (View Single Post)  
Old 28th November 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Hello, and welcome!

I'm not aware of any rate limiting capability for PF that uses PPS as a measure.

Traffic shaping (queueing) can be used to limit outbound bandwidth, rather than PPS. You could use this on any traffic you were forwarding from the 10.1.2.0/24 subnet to other networks.

You might be able to limit the number of UDP connections permitted, through a subset of of PF's Stateful Tracking Options, which are available for UDP traffic. UDP is stateless, but PF treats UDP as if it is stateful, using timers to track a limited form of state. You could limit the maximum number of "states" permitted to pass a specific rule, or you could limit the number of "states" by individual IP address within the rule, for example. See the STATEFUL TRACKING OPTIONS section of the pf.conf(5) man page for FreeBSD's PF, which I believe matches OpenBSD release 4.5 syntax. http://man.openbsd.org/OpenBSD-4.5/pf.conf
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PF sessions/s rate evaluation Vauteck OpenBSD Security 1 16th August 2011 10:09 AM
iptables: overload on max-src-conn-rate? Carpetsmoker Other BSD and UNIX/UNIX-like 2 13th May 2011 09:34 PM
Help Limiting/Splitting Bandwidth EverydayDiesel OpenBSD Security 5 1st April 2009 08:19 AM
transfer rate zomo OpenBSD General 7 26th January 2009 03:00 AM
OpenBSD 4.4 and refresh rate 75 mfaridi OpenBSD Installation and Upgrading 8 12th November 2008 12:05 PM


All times are GMT. The time now is 10:16 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick