Hello George,

Thanks for adding some more info related to this question.

- Rio.Martin -

On Monday 25 October 2004 15:12, George Alexandru Dragoi wrote:
> iptables -I FORWARD -s 192.168.1.202 -p tcp --syn -m state --state NEW -m limit --limit 50/s --limit-burst 100 -j ACCEPT
> iptables -I FORWARD 2 -s 192.168.1.202 -p tcp --syn -m state --state NEW -j DROP
>
> with udps things are a bit similar, except you don't need the --syn
>
> On Mon, 25 Oct 2004 17:45:14 +0000, Rio Martin. <rio@xxxxxxxxx> wrote:
> > On 25 October 2004 am 06:05, Cristiano Soares wrote:
> > > Hi all. I have a simple question. Is there a way to limit the number of
> > > TCP or UDP connections of a single HOST in my network? For example: I
> > > have a host with IP 192.168.1.202 and he is using edonkey, Kazaa, and
> > > Bittorrent at the same time, and he also is infected by a virus that
> > > opens more than 500 TCP ports at the same time. So, I want to limit
> > > that host to be able to open no more than 30 TCP connections at once,
> > > so he wouldn't hurt the other users.
> > > Thanks in advance,
> > > Cristiano Soares
> >
> > Try connlimit patches from Iptables POM
> > www.netfilter.org
> >
> > - Rio.Martin -
> > _______________________________________________
> > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
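
The thread offers two mechanisms: the `limit` match, which bounds how fast new connections are accepted, and connlimit, which caps how many are open at once (what the question asks for). The following added example is not part of the thread and is a simplified integer token-bucket model, not netfilter code; the function name, the constructed traffic and the connection hold times are assumptions.

```python
# Added example: simplified model of the two approaches in the thread.
# Times are integer milliseconds; token credit is kept in milli-tokens.

def simulate(syn_times_ms, hold_ms, rate_per_s=None, burst=None, conn_cap=None):
    """Replay SYN arrivals from one host; return (accepted, peak_concurrent).

    rate_per_s/burst: token bucket modelled on
                      '-m limit --limit 50/s --limit-burst 100'
                      (SYNs that do not match fall through to the DROP rule).
    conn_cap:         cap on simultaneously open connections.
    Every accepted connection is assumed to stay open for hold_ms.
    """
    credit = (burst or 0) * 1000          # bucket starts full
    last = syn_times_ms[0] if syn_times_ms else 0
    open_until = []                       # close time of each open connection
    accepted = peak = 0
    for t in syn_times_ms:
        # Forget connections that have closed by now.
        open_until = [c for c in open_until if c > t]
        ok = conn_cap is None or len(open_until) < conn_cap
        if ok and rate_per_s is not None:
            # rate_per_s tokens/s equals rate_per_s milli-tokens per millisecond.
            credit = min(burst * 1000, credit + (t - last) * rate_per_s)
            last = t
            ok = credit >= 1000
            if ok:
                credit -= 1000            # one token per accepted SYN
        if ok:
            accepted += 1
            open_until.append(t + hold_ms)
            peak = max(peak, len(open_until))
    return accepted, peak

# Constructed traffic: one SYN every 2 ms for 10 s (500 SYN/s, 5000 SYNs).
FLOOD = list(range(0, 10_000, 2))

if __name__ == "__main__":
    # Rate limit only, connections held 60 s: the rate is bounded,
    # but open connections keep accumulating.
    print("limit 50/s burst 100:", simulate(FLOOD, 60_000, rate_per_s=50, burst=100))
    # Concurrent cap of 30, same traffic.
    print("cap 30, 60 s holds:  ", simulate(FLOOD, 60_000, conn_cap=30))
    # Cap of 30 with 1 s holds: slots are reused as connections close.
    print("cap 30, 1 s holds:   ", simulate(FLOOD, 1_000, conn_cap=30))
```

With long-lived connections the rate-limited host in this model still ends up with far more than 30 connections open, while the cap holds the peak at 30 regardless of how fast SYNs arrive.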