Christos Panagiotakis wrote:
Hi people!
Please don't flame/blame me; I don't know much about iptables (yet, I
hope so.. :-)
I was wondering if I can limit the established connections on a
specific port
using iptables rules.
For example, let's say that we have an IRC daemon (ircd) running on
6667, 6668, etc.
and/or (another example, to be more specific) a SHOUTcast streaming
server
listening on 8000 or another port.
Can I limit a) the users connecting to ircd or b) e.g. the listeners
on SHOUTcast to a
specific number?
Let's say that I don't want more than 20 listeners simultaneously.
If I am not wrong, that means I don't want more than 20 established
connections on port 8000.
Is this possible using iptables rules, and if yes, is it going to work
properly?
Yes, this is possible using connlimit. It SHOULD work properly, but as I
haven't used it for a while I cannot comment on how it works. It may
also depend on your kernel version whether you need to patch your
kernel or whether it is already included.
M4
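To make the connlimit answer concrete, here is an added example (my own script, not something from either poster) that builds and applies the rule for the case in the question: at most 20 established TCP connections in total on port 8000. It assumes an iptables with the connlimit extension and the xt_connlimit kernel module, which have been in-tree since Linux 2.6.23 / iptables 1.4 (older setups needed the patch-o-matic version, which is the "patch your kernel" caveat above). The function names, the APPLY/DRY_RUN switch and the ss-based sanity check are mine.

```shell
#!/bin/sh
# Added example: cap the number of TCP connections to a port with the
# iptables connlimit match. Assumes iptables + xt_connlimit are present.
# Port 8000 / limit 20 are the values from the question; the function
# names and the APPLY switch are this example's own conventions.

# Print one rule per port. A mask of 0 counts every source together,
# which is what "no more than 20 listeners" means; the connlimit default
# mask of 32 would allow 20 connections PER CLIENT IP, a common surprise.
# --syn matches only new connection attempts, so the rule rejects the
# 21st SYN and never touches streams that are already established.
connlimit_rules() {
    limit="$1"; mask="$2"; shift 2
    for port in "$@"; do
        printf 'iptables -A INPUT -p tcp --syn --dport %s -m connlimit --connlimit-above %s --connlimit-mask %s -j REJECT --reject-with tcp-reset\n' \
            "$port" "$limit" "$mask"
    done
}

# Check both halves of connlimit before relying on it: the userspace
# extension (iptables -m connlimit --help) and the kernel module.
# Returns non-zero if either is missing. Needs root for modprobe.
connlimit_available() {
    iptables -m connlimit --help >/dev/null 2>&1 || return 1
    modprobe xt_connlimit 2>/dev/null || return 1
}

# Count currently established connections to a local port, to verify the
# cap after the rule is loaded (needs iproute2's ss). Note that connlimit
# only counts connections that hit the rule, so streams that were already
# open when the rule was added are not included in its count.
count_established() {
    ss -Htn state established "( sport = :$1 )" | wc -l | tr -d ' '
}

# Apply (or, by default, just print) the rules. Set APPLY=1 and run as
# root to actually load them into the INPUT chain.
apply_connlimit() {
    limit="$1"; mask="$2"; shift 2
    connlimit_rules "$limit" "$mask" "$@" | while IFS= read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            eval "$rule" || exit 1     # exits the pipeline subshell on error
        else
            echo "$rule"
        fi
    done
}

# Usage for the two cases in the question:
#  - SHOUTcast on 8000: at most 20 listeners in total (mask 0)
#  - ircd on 6667/6668: at most 20 connections per client IP (mask 32)
apply_connlimit 20 0 8000
apply_connlimit 20 32 6667 6668
```

Run it as-is to see the rules, then `APPLY=1 sh connlimit.sh` as root to load them; `count_established 8000` afterwards should never report more than 20 once the rule is in place. Use REJECT with tcp-reset rather than DROP so the 21st client fails immediately instead of retrying SYNs until it times out.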