Howdy,
If a single rule is really the way you want to go, maybe you can take
advantage of an iphash ipset?
Doing so would require the additional steps of creating the set and
populating it but, once that is accomplished you could use a single rule
which, asssuming the name of the set you create is 'limithosts', would look
simething like:
iptables -A INPUT -m set --set limithosts src -m limit -j ACCEPT
The ipset site at http://people.netfilter.org/kadlec/ipset/ provides an
excellent explanation of what ipset is and how to use it.
Just a thought...
- Andrew Kraslavsky
_________________________________________________________________
Don?t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
