On Tue, Jul 20, 2010 at 6:55 PM, vlad <vla@xxxxxxxxxxx> wrote:
> On Tue, Jul 20, 2010 at 06:47:00PM +0530, Nilesh Govindarajan wrote:
>> On Tue, Jul 20, 2010 at 1:21 PM, vlad <vla@xxxxxxxxxxx> wrote:
>> > Hello,
>> >
>> > The recent module is good for that:
>> > http://www.sollers.ca/blog/2008/iptables_recent
>> > http://www.google.com/search?q=iptables+recent
>> > I have in my fw script:
>> > "
>> > $TABLES -A limitations -m recent --name RECENT_FILTER --set
>> > $TABLES -A limitations -m recent --name RECENT_FILTER --rcheck --hitcount 6 -j recent_allowed_input
>> > $TABLES -A limitations --match limit --limit $LOGLIMIT --limit-burst $LOGLIMITBURST -j LOG --log-prefix "stuff: "
>> > $TABLES -A limitations -m recent --name RECENT_ALLOW --set
>> > $TABLES -A limitations -j DROP
>> >
>> > $TABLES -A recent_allowed_input -m recent --name RECENT_ALLOW --update --seconds 300 -j ACCEPT
>> > $TABLES -A recent_allowed_input -m recent --name RECENT_FILTER --remove -j DROP
>> > "
>> > Then you can do something like
>> > "
>> > $TABLES -A INPUT <....> -j limitations
>> > "
>> > to apply the rules.
>> >
>> > Vlad
>>
>> Looks good, do your HTTP users face any problem with it?
>
> Don't know. I use this only with ssh and music daemon.
> Simply try.

Friend, thanks a ton.
I tested it with my IP itself, --hitcount 4.
I coupled it with the state module, to check for new connections.
It bans the IP for a minute when >4 requests are made in parallel.

--
Regards,
Nilesh Govindarajan
Facebook: http://www.facebook.com/nilesh.gr
Twitter: http://twitter.com/nileshgr
Website: http://www.itech7.com
VPS Hosting: http://j.mp/arHk5e
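
A way to check what verdicts the quoted `limitations` and `recent_allowed_input` chains give for a sequence of packets before loading them, as an added example that is not part of the original thread. It is a small Python model that assumes the documented behaviour of the recent match options (--set, --rcheck, --update, --remove) and the default list size of 20 timestamps per source; the class and function names, the source address and the packet times are constructed for illustration, and the LOG rule is left out because it does not affect the verdict.

```python
PKT_LIST_TOT = 20  # assumed default ip_pkt_list_tot (timestamps kept per source)

class RecentList:
    """Minimal model of one 'recent' list: source address -> hit timestamps."""
    def __init__(self):
        self.entries = {}

    def set(self, src, now):
        # --set: always matches; creates the entry or records another hit
        stamps = self.entries.setdefault(src, [])
        stamps.append(now)
        del stamps[:-PKT_LIST_TOT]
        return True

    def rcheck(self, src, now, hitcount=1, seconds=None):
        # --rcheck: entry exists and has >= hitcount hits (within seconds, if given)
        stamps = self.entries.get(src)
        if stamps is None:
            return False
        recent = [t for t in stamps if seconds is None or now - t <= seconds]
        return len(recent) >= hitcount

    def update(self, src, now, hitcount=1, seconds=None):
        # --update: like --rcheck, but records the hit when it matches
        return self.rcheck(src, now, hitcount, seconds) and self.set(src, now)

    def remove(self, src):
        # --remove: matches only if the entry existed, and deletes it
        return self.entries.pop(src, None) is not None

def limitations(src, now, flt, allow):
    """Verdict of the quoted 'limitations' chain for one packet."""
    flt.set(src, now)                             # RECENT_FILTER --set
    if flt.rcheck(src, now, hitcount=6):          # -j recent_allowed_input
        if allow.update(src, now, seconds=300):   # RECENT_ALLOW --update
            return "ACCEPT"
        flt.remove(src)                           # RECENT_FILTER --remove
        return "DROP"
    allow.set(src, now)                           # RECENT_ALLOW --set
    return "DROP"                                 # final -j DROP

def replay(times, src="192.0.2.10"):
    """Run packets arriving at the given times (seconds) through fresh lists."""
    flt, allow = RecentList(), RecentList()
    return [limitations(src, t, flt, allow) for t in times]

if __name__ == "__main__":
    sample = [0, 1, 2, 3, 4, 5, 6, 400, 401]      # constructed packet times
    for t, verdict in zip(sample, replay(sample)):
        print(f"t={t:>3}s  {verdict}")
```
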