On Thursday 13 March 2008 06:21:11 Vadim Goncharov wrote: > Hi [EMAIL PROTECTED] > > On Wed, 12 Mar 2008 21:00:55 GMT; [EMAIL PROTECTED] wrote about 'Re: kern/80642: [ipfw] [patch] ipfw small patch - new RULE OPTION': > > State-Changed-From-To: open->suspended > > State-Changed-By: vwe > > State-Changed-When: Wed Mar 12 20:58:32 UTC 2008 > > State-Changed-Why: > > Awaiting maintainer interest. > > This may be useful for one, so we're not just closing this silently. > > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=80642 > > Yes, this is useful, but some minor changes are needed, I think. First, > rename it to "bytelimit" or somewhat. Second, allow this to use tablearg > and possibly ability to reference a counter to corresponding dynamic rule, > to allow this to act for a specific IP or connection without need to write > many rules. Third, add packet counter as well. That's all possible with one > opcode, though...
I think the best would be that it works as "limit src-ip N" does, using perhaps the limit keyword as well but as in ".... limit max-bytes N" what would give sufficient possibilities for pass and skipto etc -- Atenciosamente, J.M. Responsável Plantão Site Support Matik Infomatik Internet Technology (18)3551.8155 (18)8112.7007 http://info.matik.com.br A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"