08-12-2013 09:11 AM
DCA mode is disabled by default, so it must be explicitly enabled. I set DCA_START=1 in the /etc/rc.config.d/ipfconf file (ipf -e at the command line).
If I were to use the following:
"pass in proto tcp from any to any port = 22 keep limit 1"
would this have the effect of
allowing only 1 connection to the sshd server at a time....
allowing only 1 connection to the sshd server at a time PER CLIENT.
I'm looking to specifically limit (via firewall rules rather than just the SSHD_CONFIG file) connections PER CLIENT, w/o having to specify exact IP Addresses.