Re: Haproxy (was Avoiding Tel
By: Mike Powell to DEON on Wed Mar 13 2024 08:22 am
Hey Mike,
What haproxy settings are you using to "slow down" telnet and ssh traffic?
This is how my haproxy is configured (in a frontend definition block):
# Track the backend state - and reject any attempts if its down
acl be-telnet-dead nbsrv(be-sbbs-telnet) lt 1
tcp-request connection reject if be-telnet-dead
# stick table definition for storing rates
stick-table type ipv6 size 500k expire 30m store conn_cur,conn_rate(60s)
## Allow clean known IPs to bypass the filter
tcp-request connection accept if { src -f /usr/local/etc/haproxy/config/whitelist.lst }
# Only allow 1 connections per IP opened
tcp-request connection reject if { src_conn_cur ge 1 }
# Only allow 1 connections per 60s
tcp-request connection reject if { src_conn_rate ge 1 }
tcp-request connection track-sc1 src
...ëîåï
---
þ Synchronet þ AnsiTEX bringing back videotex but with ANSI
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)