Hello Daniel, On Tue, 05.09.2006 at 07:55:53 -0700, Daniel Northam <[EMAIL PROTECTED]> wrote: > They do, but rate limiting on IPtables if I remember works at the nat > level so you will need to make the linux box a router where you do the > rate limiting, if you use IPtables. OpenBSD's dummynet features work a > lot better for this type of rate limiting.
thanks for the pointer to dummynet, but that looks like it's FreeBSD only (using ipfw, too). I just use pf's altq together with max-src-nodes, max-src-conn-rate and friends to great success. But maybe that's what you meant anyway. Best, --Toni++
