On Saturday 01 of October 2005 22:33, Piotr Holubniak wrote: > Hello everyone > > Is it possisble to limit number of connections which can be established > from one IP address? > I mean if sender reaches limited number of connections, no more > connections can be established from this host, but other host still can > connect . I rather think about global limit not for certain IP address. > try this: iptables -A FORWARD -p tcp --syn -s $source_ip -o $ext_interface -m connlimit --connlimit-above $number_of_allowed_connections -j REJECT Marek
