Connection rate limiting
Hi guys,
I have an interesting problem that I've been dealing with for a while. My ISP employs an IDP that disconnects a client for 5 mins or so whenever a set connections / time rate has been breached on grounds that it's 'a behavior common to viruses'. I was wondering if there was any way I could force either my computer (WinXP/Ubuntu) or the pfSense box (BSD firewall / routing platform) and me to limit the connection rate so I don't get killed whenever I would otherwise act too much like a virus. Thanks for your help.
Quote:
With Linux, you could use iptables' limit and state modules to DROP or REJECT packets that try to establish NEW connections faster than a certain rate:
Code:
# Set RATE to connections/seconds allowed, BURST to the number of packets allowed w/o respect to rate, and INET_IF to
But I would think the application(s) that tried to initiate these connections would probably react badly to this. And it would only work for Linux. BSD might have a similar capability, but I am not familiar with it.
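A sketch of the kind of rule set the reply above describes, added here as an example; it is not the poster's code, which is cut off on this page. RATE, BURST and INET_IF follow the post's variable names, while the chain name CONNLIMIT and the sample values are assumptions. The script only prints the rules so they can be reviewed before being applied as root.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules that cap the rate of
# NEW outbound connections using the limit and state modules.
# CONNLIMIT (chain name) and the sample values at the bottom are assumptions.

rate_limit_rules() {
    rate=$1 burst=$2 inet_if=$3
    # Accept only positive integers and plain interface names, so the
    # generated commands cannot carry stray shell syntax.
    case $rate in ''|*[!0-9]*|0*) echo "bad RATE" >&2; return 1 ;; esac
    case $burst in ''|*[!0-9]*|0*) echo "bad BURST" >&2; return 1 ;; esac
    case $inet_if in ''|*[!A-Za-z0-9_.-]*) echo "bad INET_IF" >&2; return 1 ;; esac

    # Packets within the rate RETURN to the calling chain; the excess is
    # rejected. Only packets that start a NEW connection are sent here,
    # so established traffic is never throttled.
    cat <<EOF
iptables -N CONNLIMIT
iptables -A CONNLIMIT -m limit --limit ${rate}/second --limit-burst ${burst} -j RETURN
iptables -A CONNLIMIT -j REJECT
iptables -A OUTPUT -o ${inet_if} -m state --state NEW -j CONNLIMIT
iptables -A FORWARD -o ${inet_if} -m state --state NEW -j CONNLIMIT
EOF
}

# Constructed sample values: 5 new connections/second, burst of 10, on eth0.
rate_limit_rules 5 10 eth0
```

Because the rules are appended with -A, they only take effect if no earlier rule in OUTPUT or FORWARD already accepts the traffic.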