blocking unwanted traffic from hitting gateway

Rogelio scubacuda at
Wed May 18 12:42:03 UTC 2011

I've got about 1000 people hammering a Linux gateway with http
requests, but only about 150 of them are authenticated users for the

Once someone authenticates, then I want their traffic to pass through
okay.  But if they're not an authenticated user, I would like to
ideally block those http requests (e.g. Google updater, AV scanners,
etc) from ever tying up my web server.

Is there some sort of box I could put in front (e.g. OpenBSD pf in
transparency mode) or maybe some sort of filter on the webserver?
This solution would need to be tied into the authentication services
so authenticated users hit the gateway.

Also on LinkedIn?  Feel free to connect if you too are an open
networker: scubacuda at

More information about the NANOG mailing list