Hello - When I applied the following rules below to my firewall, my clients started having problems browsing webpages. When I did a tcpdump I could see the request go to the DNS server, but never saw a reply. When I commented out the tcp rules, everything worked fine.

Do you think my limits are too low? I would estimate there are around 200 PCs coming through this. Also, I am unclear if the rules are applied on a collective basis, or per IP address. I assume it is ALL traffic, not per IP.

$IPTABLES -A INPUT -s X.X.30.0/24 -j ACCEPT # Exclude Management subnet from below rules
$IPTABLES -A INPUT -d X.X.30.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s X.X.30.0/24 -j ACCEPT
$IPTABLES -A FORWARD -d X.X.30.0/24 -j ACCEPT

$IPTABLES -A INPUT -p tcp --syn -m limit --limit 500/s -j REJECT
$IPTABLES -A FORWARD -p tcp --syn -m limit --limit 500/s -j REJECT

$IPTABLES -A INPUT -p tcp -m limit --limit 2500/s -j REJECT
$IPTABLES -A FORWARD -p tcp -m limit --limit 2500/s -j REJECT

$IPTABLES -A INPUT -p icmp -m limit --limit 200/s -j REJECT
$IPTABLES -A FORWARD -p icmp -m limit --limit 200/s -j REJECT

Thanks,

Russ Kreigh
Network Engineer
OnlyInternet.Net Broadband & Wireless
Supernova Technologies
Office: (800) 363-0989
Direct: (260) 827-2486
Fax: (260) 824-9624
kreigh@xxxxxxxxxxxxxxxx
http://www.oibw.net
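
Added example, not part of the original post: a simplified Python model of the iptables limit match as one token bucket per rule (default burst of 5), run against the SYN rule as posted and against the common accept-within-limit idiom. The ACCEPT chain policy, the evenly spaced traffic and all function names are assumptions of this sketch.

```python
from dataclasses import dataclass

@dataclass
class LimitMatch:
    """Simplified model of '-m limit': ONE token bucket per rule, shared by
    every packet that reaches the rule (not one bucket per source IP)."""
    rate: float      # --limit, in packets per second
    burst: int = 5   # --limit-burst (iptables default)

    def __post_init__(self):
        self.tokens = float(self.burst)
        self.last = 0.0

    def matches(self, now: float) -> bool:
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:   # credit available: the rule MATCHES
            self.tokens -= 1.0
            return True
        return False             # over the limit: fall through to next rule

def run_chain(rules, pps, seconds=1.0, policy="ACCEPT"):
    """Send evenly spaced packets (constructed traffic) through rules,
    a list of (match_or_None, target); return verdict counts."""
    counts = {"ACCEPT": 0, "REJECT": 0}
    for i in range(int(pps * seconds)):
        verdict = policy         # assumed chain policy, not stated in the post
        for match, target in rules:
            if match is None or match.matches(i / pps):
                verdict = target
                break
        counts[verdict] += 1
    return counts

def as_posted():
    # -p tcp --syn -m limit --limit 500/s -j REJECT
    return [(LimitMatch(500), "REJECT")]

def accept_within_limit():
    # Common idiom, not from the post: ACCEPT within the limit, REJECT the rest.
    return [(LimitMatch(500), "ACCEPT"), (None, "REJECT")]

if __name__ == "__main__":
    for name, build in (("as posted", as_posted), ("accept-within-limit", accept_within_limit)):
        for pps in (100, 2000):
            print(f"{name:20} {pps:5} SYN/s -> {run_chain(build(), pps)}")
```

Where a limit per source address is wanted instead of one shared bucket, iptables provides the hashlimit match with --hashlimit-mode srcip.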