IPFilter DCA question. (115 Views)
Reply
Super Advisor
john guardian
Posts: 309
Registered: ‎09-26-2003
Message 1 of 1 (115 Views)

IPFilter DCA question.

DCA mode is disabled by default, so it must be explicitly enabled. I set DCA_START=1 in the /etc/rc.config.d/ipfconf file (ipf -e at the commend line).


If I were to use the following:

 

"pass in proto tcp from any to any port = 22 keep limit 1"

 

would this have the effect of

 

allowing only 1 connection to the sshd server at a time....

 

OR

 

allowing only 1 connection to the sshd server at a time PER CLIENT.

 

 

I'm looking to specifically limit (via firewall rules rather than just the SSHD_CONFIG file) connections PER CLIENT, w/o having to specify exact IP Addresses.

 

Anyone? Thanks.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.