to filter dos ip using iptables recent


Hello, all.

I read this document about the iptables recent module:
http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks

I would like to filter IP addresses that send excessive spam mail using the iptables recent module, and I have some questions.

    iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --set --name SPAM
    iptables -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --rttl --name SPAM -j DROP

If I set the rules as above, I can't understand the meaning of the hitcount. Does it mean the number of packets, sessions or connections?

The above rules mean that if there are 4 connections in 60 seconds, the IP will be filtered for 60 seconds, right?

If some IP was filtered, how long will it be filtered? For 60 seconds?

When I look at the list with cat /proc/net/ipt_recent/SPAM, the maximum number is 100. If it reaches 100, is there no problem? And how can I increase the number?

Thanks in advance.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
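
An added example, not part of the original post: a simplified Python model of how the two rules above treat each NEW packet to port 25, following the documented behaviour of the recent match. The class and function names are hypothetical, --rttl is not modelled, and the sample events are constructed.

```python
# Simplified model of the iptables "recent" match as used by the two SPAM rules.
# Assumptions: --rttl is not modelled; limits mirror the module parameters
# ip_list_tot (addresses per list, 100) and ip_pkt_list_tot (timestamps kept, 20).
from collections import OrderedDict, deque


class RecentList:
    def __init__(self, ip_list_tot=100, ip_pkt_list_tot=20):
        self.entries = OrderedDict()  # source IP -> timestamps, in LRU order
        self.ip_list_tot = ip_list_tot
        self.ip_pkt_list_tot = ip_pkt_list_tot

    def _stamp(self, ip, now):
        if ip not in self.entries:
            if len(self.entries) >= self.ip_list_tot:
                self.entries.popitem(last=False)  # full: evict least recently seen
            self.entries[ip] = deque(maxlen=self.ip_pkt_list_tot)
        self.entries[ip].append(now)
        self.entries.move_to_end(ip)

    def set(self, ip, now):
        """--set: record this packet's arrival time for the source address."""
        self._stamp(ip, now)

    def update(self, ip, now, seconds, hitcount):
        """--update --seconds S --hitcount H: match when at least H recorded
        packets fall within the last S seconds; a match is recorded too."""
        hits = sum(1 for t in self.entries.get(ip, ()) if now - t <= seconds)
        if hits >= hitcount:
            self._stamp(ip, now)
            return True
        return False


def filter_new_connections(events, seconds=60, hitcount=4, **limits):
    """events: (time_in_seconds, source_ip) per NEW packet to port 25.
    Returns 'DROP' or 'CONTINUE' (fall through to later rules) per packet."""
    spam = RecentList(**limits)
    verdicts = []
    for now, ip in events:
        spam.set(ip, now)                                  # first rule
        dropped = spam.update(ip, now, seconds, hitcount)  # second rule
        verdicts.append("DROP" if dropped else "CONTINUE")
    return verdicts


# Constructed sample: one source connects every 10 s, goes quiet, then returns.
SAMPLE = [(t, "192.0.2.10") for t in (0, 10, 20, 30, 40, 200)]
print(filter_new_connections(SAMPLE))
```

Each event stands for one packet that reaches the rules, and in this model the drop persists for as long as at least four recorded packets from the source fall inside the last 60 seconds. Passing a small `ip_list_tot` shows what a full list does: the least recently seen address is evicted and its history is lost.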
