Is it possible to limit response to incoming traffic?
-
Let's say traffic from various public hosts flows into the WAN, NAT forwards it to a host on OPTx that replies with packets shaped to a certain limit, above which a delay or drop is applied.
Incoming Traffic ----> WAN ----> OPTx
       ^                          |
       |     Reply is limited     |
       ---<---------<---------<----
Can this level of bandwidth control be achieved with pfSense 2.0?
Thanks
-
The way I did it was by limiting connections per port/service.
What I did in some clients:
- Configure advanced rule options to limit connections per second/host
- Install the crontab package
- Edit the expiretable rules to reduce check times (in my case, check every minute for IPs blocked more than 120 seconds)
This way, a host that gets blocked by the rule stays blocked for only 2 minutes.
-
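The steps in the reply above, written out as a pf rule and a cron entry. This is an added example, not part of the original posts; the interface, address, port, thresholds and the `virusprot` table name are assumptions (compare with the generated ruleset on your own firewall).

```conf
# Constructed values: em0 = WAN interface, 192.0.2.10 = host on OPTx
# (post-NAT address), port 80 = forwarded service, 15/5 = limit of
# 15 new connections per 5 seconds from one source address.

# --- pf rule: what the "advanced options" rate limit expresses ---
# Sources listed in the overload table are dropped before any pass rule.
table <virusprot> persist
block in quick from <virusprot> to any

# A source exceeding the rate is added to <virusprot>;
# "flush global" also removes the states it already holds.
pass in quick on em0 proto tcp from any to 192.0.2.10 port 80 flags S/SA \
    keep state (max-src-conn-rate 15/5, overload <virusprot> flush global)

# --- cron entry: shorten how long a source stays blocked ---
# Run every minute and expire table entries older than 120 seconds,
# so a blocked host is released about two minutes after it was added.
# minute hour mday month wday who  command
*/1      *    *    *     *    root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 120 virusprot
```

This limits the rate of new connections per source, not the bandwidth of the replies themselves.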
-
Thanks!
I'll try it right away!