[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pf compatibility w/ other unix OS
On Mon, Jun 03, 2002 at 11:28:14AM +0200, Jedi/Sector One wrote:
> What I mean with rate limitation is to disallow the same <source ip>/
> <dest ip+port> pair to match 100 times a second.
OK I can't recall the module's name.. However there is a apache
module that can be compiled in that does exactly that. What it
does is map ip+port. Then it allows for granularity
exactly_like you want AFAI recall . .. hmmm found it!
There is another way. If you want you can simply write your own
delimiter that tags each http session by pairing ip/port/time/concurrency.
Then require, include, import, use, that module with your dynamics on a per
program basis . The key in that case would be to create a unique session_tag.
However AFAIK this will do it for you. Hope that helps you out.
/* Security is a work in progress - dreamwvr */
# Note: To begin Journey type man afterboot,man help,man hier[.]
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \? ;-]