From: "Taylor, Grant" <gtaylor@riverviewtech.net>
To: hareram <hareram@sol.net.in>
Cc: netfilter@lists.netfilter.org
Subject: Re: TTL Examples
Date: Wed, 20 Apr 2005 17:32:23 -0500
Message-ID: <4266D877.3030201@riverviewtech.net>
In-Reply-To: <060601c54572$90801ab0$09603fca@southern>
> can someone give me the example script.
I don't think there is really a script per se that will do this, as quite often such systems are monitoring traffic, remembering what recent values were, and looking for a difference in the norm as a sign of something funny going on.
> I would like to restrict other side use only one PC, he/she should not
> use any proxy server or any other NAT.
Rather than doing something to prevent the client from using multiple systems behind some sort of NAT and / or proxy, I've found it much easier (technically and on my conscience) and reliable to just allow the client to have as many systems as they want and just bill based on bandwidth. If the client decides that they want to do this then they can do so, they will just have to distribute the bandwidth costs.
If you really want to do this you could set something up that would limit the number of connections that any given IP could have initiated at one time. However, I think this could EASILY break a LOT of things.
If you REALLY want to put a system in place and have it try to guess if there are multiple clients behind a system, you should probably look at the sequence numbers that are coming out in packets too, as a single system should have sequence numbers that are incrementing higher: not necessarily sequentially as in 123, 124, 125, but as in the current sequence number should be higher than the previous and the next sequence number should be larger than the current. The sequence numbers should not jump all over the scale, as this is another sign that there are multiple systems behind the firewall. In fact, quite often if you have enough sequence numbers you can even guess fairly close as to how many systems are behind the firewall.
Grant. . . .
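The counting idea described in the message above, as an added example that is not part of the original message: values observed from one source IP are split greedily into forward-moving streams, and the number of streams estimates how many systems sit behind that address. The counter width (`modulus`), the `max_gap` and `min_len` thresholds, and the sample values are assumptions constructed for illustration.

```python
# Constructed sample: counter values seen from ONE source IP, in arrival order.
# Three systems are interleaved (one wraps past 65535) plus one stray value.
SAMPLE = [100, 40000, 101, 65530, 40003, 103, 30000,
          65534, 40004, 2, 104, 40010, 5]


def estimate_hosts(values, max_gap=64, modulus=1 << 16):
    """Split observed values into streams that only move forward.

    Each stream models one system whose counter increases by a small step
    between packets. A value that continues no existing stream (it "jumps
    all over the scale") starts a new stream.
    """
    streams = []  # one list of values per inferred system
    for v in values:
        best, best_gap = None, None
        for s in streams:
            gap = (v - s[-1]) % modulus  # forward distance, wrap-aware
            if 0 < gap <= max_gap and (best_gap is None or gap < best_gap):
                best, best_gap = s, gap  # prefer the closest predecessor
        if best is None:
            streams.append([v])
        else:
            best.append(v)
    return streams


def count_hosts(values, min_len=3, **kwargs):
    """Count streams with enough samples to be believable.

    Short streams are ignored so a single stray or reordered packet does
    not inflate the estimate.
    """
    return sum(1 for s in estimate_hosts(values, **kwargs) if len(s) >= min_len)


if __name__ == "__main__":
    for stream in estimate_hosts(SAMPLE):
        print(stream)
    print("estimated systems:", count_hosts(SAMPLE))
```

The estimate is only as good as the assumption that each system's values move forward in small steps; a single system that emits unrelated values per connection produces many short streams, which is why `min_len` is applied before counting.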