Re: Limit

There is a way with connlimit to limit from all IPs: add a --connlimit-mask 0


On Fri, 26 Aug 2005, Daniel Lopes wrote:

Taylor, Grant wrote:
Take a look at the connlimit match extension.

iptables -t filter -A INPUT -i ${WAN} -d ${WANIPAddress} -p tcp --dport 3333 -m connlimit --connlimit-above 10 -j DROP



Grant. . . .

Lyubomir Louisov wrote:

So how can I limit the number of connections on port 3333 to no more than 10
at a time with iptables?
Is it possible?




I first thought about the same thing. But that will allow more than 10 connections in total. It will allow only 10 connections per IP, but afaik in total it can then be a lot more than 10 depending on the IPs connecting. Don't know how you can limit it to 10 connections in total but there must be a way with so many options being available for iptables ;). Please correct me if I am wrong.
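
The difference discussed in this thread between per-IP counting and `--connlimit-mask 0`, as an added illustration that is not part of the original messages. It is a simplified Python model of how connlimit groups sources by prefix length, not kernel code; the client addresses are constructed documentation addresses, the function names are hypothetical, and connections are assumed never to close.

```python
import ipaddress

def group_key(src_ip, mask_bits):
    """Network block that a source address is counted under for a given mask."""
    return ipaddress.ip_network(f"{src_ip}/{mask_bits}", strict=False)

def simulate(sources, limit, mask_bits):
    """Return the source IPs whose connection attempts are accepted.

    Models `-m connlimit --connlimit-above LIMIT --connlimit-mask MASK -j DROP`:
    an attempt is dropped when it would bring its group's count above LIMIT.
    """
    counts = {}
    accepted = []
    for src in sources:
        key = group_key(src, mask_bits)
        if counts.get(key, 0) + 1 > limit:
            continue  # rule matches, packet is dropped
        counts[key] = counts.get(key, 0) + 1
        accepted.append(src)
    return accepted

# Constructed sample: four clients, six connection attempts each (24 in total).
CLIENTS = ["192.0.2.10", "192.0.2.77", "198.51.100.5", "203.0.113.9"]
ATTEMPTS = [ip for ip in CLIENTS for _ in range(6)]

def total_accepted(mask_bits, limit=10):
    """Number of attempts that get through for a given --connlimit-mask."""
    return len(simulate(ATTEMPTS, limit, mask_bits))

if __name__ == "__main__":
    # Mask 32 is the IPv4 default (one group per address); mask 0 puts
    # every source into a single group, giving a global cap.
    for mask in (32, 24, 0):
        print(f"--connlimit-mask {mask:>2}: "
              f"{total_accepted(mask)} of {len(ATTEMPTS)} accepted")
```

With the default mask of 32 no single client exceeds 10, so all 24 attempts pass; only mask 0 holds the total on the port to 10.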




