>I'm using the following iptables rule to redirect them:
>
>/sbin/iptables -t nat -I PREROUTING -p tcp -s $IP -i $LAN_DEV --sport
>1024: --dport 80 --syn -m limit --limit 1/d --limit-burst 1 -j REDIRECT
>--to-port 5000

You could use dstlimit with --dstlimit-mode srcip-dstip and probably save some rules. With dstlimit, you also get an overview of which connections are currently limited, and their burst status, in /proc/net/ipt_dstlimit/DSTLIMIT_NAME

It's because I think some burst math allows a second packet to sneak in.

>What am I doing wrong? Why was I redirected a second time? In my opinion,
>the second redirection should not have happened then, but 1 day (24
>hours) later...

Jan Engelhardt
--
| Alphagate Systems, http://alphagate.hopto.org/