[CentOS] which firewall to automatically block bandwidth abusers?

John R Pierce pierce at hogranch.com
Thu Aug 18 23:49:36 UTC 2011


On 08/17/11 12:50 PM, Rudi Ahlers wrote:
> A normal DDOS prevention firewall doesn't really work since it only
> blocks traffic coming in. But I need to limit traffic going out as
> well.
>
> The servers behind the firewall will serve mail, http, ftp, sql and SSH

without requests coming in, no web etc traffic can go out.

you want to block your own mail server from sending too much mail to a
single host?  and block an internet mail server from sending "too
much" mail to you?  that's not going to end well.

SQL?  what are you doing letting a SQL server be publicly
accessible?  SQL servers should only be accessed by application servers
over secure connections.

I think as it stands, this is a very poorly thought out idea with much 
room for gotchas and problems.



-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast



