Hello folks,

Having solved my load balancing issue from my previous post using a bridge, I was wondering if pfsync can help in allowing me to enforce global rules on all of my backend servers. What I would like to do, for example, is to limit the number of outgoing connections a certain client can have at any one point to N connections.

If I was dealing with a single firewall, then that would be very simple. Since my clients can be load balanced across several firewalls though, with multiple connections being handled by multiple firewalls, the scenario becomes more complicated.

Suppose that a client has:

  X connections through firewall1
  Y connections through firewall2
  a maximum number of allowed connections = N

What I want is: X + Y <= N at any point in time.

Can this be achieved using pfsync? If so, what do I need to do to get this working? If not, can pfsync be extended to allow for this or should we look into something different altogether?

Thanks for your time.

Regards,
hisham.

--
Hisham Mardam Bey
MSc (Computer Science)
http://hisham.cc/
+9613609386
Codito Ergo Sum (I Code Therefore I Am)
