
IPFilter DCA question.

 
john guardian
Super Advisor


DCA mode is disabled by default, so it must be explicitly enabled. I set DCA_START=1 in the /etc/rc.config.d/ipfconf file (ipf -e at the command line).


If I were to use the following:

"pass in proto tcp from any to any port = 22 keep limit 1"

would this have the effect of

allowing only 1 connection to the sshd server at a time....

OR

allowing only 1 connection to the sshd server at a time PER CLIENT.

I'm looking to specifically limit (via firewall rules rather than just the SSHD_CONFIG file) connections PER CLIENT, w/o having to specify exact IP Addresses.

Anyone? Thanks.