On Sat, May 21, 2005 at 06:08:59AM +0300, bright true wrote:
> Hello,
> How can I set the Max number of allowed tcp connections from the same ip
> address ???
> if the current ip has more than the allowed number of connections the
> server will drop or reject the new connections
> until it gets an empty space to connect
> if there's any rule I can set for this (please provide me with the way to
> remove the rule also)

the way to do this correctly is to apply the connlimit patch from PoM, and
use a rule like (using SMTP as an example and 4 conns):

iptables -A [INPUT|FORWARD] -p tcp --syn --dport 25 \
    -m connlimit --connlimit-above 4 -j REJECT

this will result in any individual IP being allowed to make up to 4
simultaneous connections.

you delete rules by replacing the '-A' with a '-D'

-j

--
"Peter: Brothers and sisters fighting is as natural as a white mans dialog
in a Spike Lee movie."
--Family Guy
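
Added example, not part of the original message: before loading the connlimit rule shown in the reply, this script counts established connections per source address to port 25 and lists the peers holding more than 4, which are the sources whose new connections the rule would reject. The sample lines are constructed and assume the column layout of `ss -Htn state established`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find sources already above a per-IP connection limit.

# Constructed sample input. Assumed layout (as from `ss -Htn state established`):
#   Recv-Q Send-Q Local:Port Peer:Port
# Addresses come from the documentation ranges.
sample_conns() {
cat <<'EOF'
0 0 192.0.2.10:25 198.51.100.7:40001
0 0 192.0.2.10:25 198.51.100.7:40002
0 0 192.0.2.10:25 198.51.100.7:40003
0 0 192.0.2.10:25 198.51.100.7:40004
0 0 192.0.2.10:25 198.51.100.7:40005
0 0 192.0.2.10:25 198.51.100.7:40006
0 0 192.0.2.10:25 203.0.113.5:51001
0 0 192.0.2.10:25 203.0.113.5:51002
0 0 192.0.2.10:25 203.0.113.5:51003
0 0 192.0.2.10:25 203.0.113.5:51004
0 0 192.0.2.10:25 198.51.100.20:33000
0 0 192.0.2.10:80 203.0.113.9:42001
0 0 192.0.2.10:80 203.0.113.9:42002
0 0 192.0.2.10:80 203.0.113.9:42003
0 0 192.0.2.10:80 203.0.113.9:42004
0 0 192.0.2.10:80 203.0.113.9:42005
EOF
}

# over_limit PORT LIMIT
# Reads connection lines on stdin and prints "COUNT IP" for every peer with
# strictly more than LIMIT connections to local PORT, highest count first.
# "Strictly more" mirrors --connlimit-above: a peer at exactly LIMIT is allowed.
over_limit() {
    awk -v port="$1" -v limit="$2" '
        NF >= 4 {
            laddr = $3; peer = $4
            if (laddr !~ (":" port "$")) next   # other local ports are ignored
            sub(/:[0-9]+$/, "", peer)           # drop the peer source port
            count[peer]++
        }
        END { for (ip in count) if (count[ip] > limit) print count[ip], ip }
    ' | sort -rn
}

# On a live host: ss -Htn state established | over_limit 25 4
sample_conns | over_limit 25 4
```

A peer sitting at exactly 4 connections is not listed, matching the "up to 4 simultaneous connections" behaviour described in the reply.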