Hello, Currently, I am rate limiting SSH connections to one of my servers, (running shorewall 3.2.6) like this:
SSH/ACCEPT net $FW - - - - 1/min:2 Now, I'd like to allow some machines in the net zone to not be rate limited. Is this possible? I was thinking something like this: SSH/ACCEPT net:w.x.y.z/a $FW SSH/ACCEPT net $FW - - - - 1/min:2 That way, machines in the w.x.y.z/a IP block match the first rule, which has no rate limit, and all others match the rate limited rule. I could not find much on this and I am hesitant to experiment with a production server without some confirmation that I am headed in the right direction. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
