Hi, Toby DiPasquale schrieb: > To do this, the connlimit module would have to keep track of > individual conntracks, not just aggregate numbers. It doesn't right > now, but it could be made to do so. Do you have any plans to change that? If no, do you know if anybody is maintaining connlimit right now? I'd like a combination of hashlimit and connlimit which also works for UDP so I can limit the number of simultaneous connections per IP to avoid overflowing the conntrack table of upstream firewalls. Regards, Carl-Daniel -- http://www.hailfinger.org/
