nanog mailing list archives

blocking unwanted traffic from hitting gateway

From: Rogelio <scubacuda () gmail com>
Date: Wed, 18 May 2011 09:42:03 -0300

I've got about 1000 people hammering a Linux gateway with http
requests, but only about 150 of them are authenticated users for the
ISP.

Once someone authenticates, then I want their traffic to pass through
okay.  But if they're not an authenticated user, I would like to
ideally block those http requests (e.g. Google updater, AV scanners,
etc) from ever tying up my web server.

Is there some sort of box I could put in front (e.g. OpenBSD pf in
transparency mode) or maybe some sort of filter on the webserver?
This solution would need to be tied into the authentication services
so authenticated users hit the gateway.

-- 
Also on LinkedIn?  Feel free to connect if you too are an open
networker: scubacuda () gmail com

Current thread:

blocking unwanted traffic from hitting gateway Rogelio (May 18)
- Re: blocking unwanted traffic from hitting gateway Dobbins, Roland (May 18)
- Re: blocking unwanted traffic from hitting gateway Matthew Palmer (May 18)
- Re: blocking unwanted traffic from hitting gateway Wil Schultz (May 18)
  - Re: blocking unwanted traffic from hitting gateway Rogelio (May 21)