News
:
This forum is now permanently frozen.
m0n0wall Forum
>
m0n0wall Support (English)
>
Firewall/NAT
Topic: Need Limit src-addr x
Pages: [
1
]
Topic: Need Limit src-addr x (Read 2218 times)
Need Limit src-addr x
« on: January 06, 2012, 19:55:44 »
GTe
Posts: 3
Hello,
I would like to add a firewall rule that limits the maximum number of connections from a source address like:
IPFW add 100 allow tcp from any to internal 3389 in limit src-addr 4
I've published my Terminal server through SSL on RDP port 3389 and as you may guessed those nice hacker boys are constantly trying to break in.
Is there some way to do this in M0nowall?
(I've searched on this subject name, so I hope no hit actually means it isn't addressed before.)
Re: Need Limit src-addr x
« Reply #1 on: January 09, 2012, 18:15:33 »
iridris
Posts: 145
There is no "official" way to do this that I know of - but, what you might be able to do is look up the appropriate command in ipfilter (the firewall software that m0n0wall uses) and input that command directly into 'exec.php'. If that works, then you can add the command in to your config.xml file.
Re: Need Limit src-addr x
« Reply #2 on: January 12, 2012, 21:39:34 »
GTe
Posts: 3
Thanks for your reply.
But how do I get access to this exec.php?
(I loaded my m0n0wall as an VMWare image)
Re: Need Limit src-addr x
« Reply #3 on: January 12, 2012, 21:45:21 »
Fred Grayson
Posts: 994
http://m0n0wall.LAN.IP/exec.php
or
https://m0n0wall.LAN.IP/exec.php
--
Google is your friend and Bob's your uncle.
Re: Need Limit src-addr x
« Reply #4 on: January 12, 2012, 21:49:54 »
GTe
Posts: 3
I just read the IPF handbook on
http://www.freebsd.org/doc/handbook/firewalls-ipf.html
and couldn't find any option that will do this trick.
So it seems that M0n0wall doesn't support this (imho) very useful option.
Re: Need Limit src-addr x
« Reply #5 on: January 13, 2012, 00:36:48 »
brushedmoss
Posts: 446
m0n0wall also uses IPFW (for traffic shaping and for captive portal) ,so if you turn on traffic shaper, you should be able to add any IPFW rule via exec.php
Good Luck !
Pages: [
1
]