Hi all,

Curious about this, but first: iptables v1.4.15, linux 2.6.30.10-105.2.23 (fc11).

I have:

-A FORWARD -p tcp --syn --dport 4800 -m connlimit --connlimit-above 1 -j LOG
-A FORWARD -p tcp --syn --dport 4800 -m connlimit --connlimit-above 1 -j REJECT --reject-with tcp-reset

I see some connections limited, but not all. I can look at the end point application to view the inbound connections. The end point application - users first connect on tcp port 4800, of which the application then gives out a udp port number for data. I haven't been able to find out how long those first tcp connections stay around.

Are they timing out, hence the second connection, or is the udp stuff what is causing me grief?

If they are timing out, how can I keep limiting connections? I have a range of udp ports that are given out, can I use those somehow?

Thanks!

todh
--
Todd Hackett
Chief Bottle Washer
PoBox 1168
Libby, MT 59923
406.293.3843
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
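As an added diagnostic for the question above (this is not part of the original post): connlimit decides by looking at the connection-tracking table, so the quickest way to tell whether the first tcp connections to port 4800 are still being tracked, and with how much timeout left, is to summarise /proc/net/nf_conntrack by source address and tcp state. The sample table below is constructed; the port number is the one from the post, and awk/sort are assumed to be available.

```shell
#!/bin/sh
# Summarise conntrack entries for a destination port, grouped by source
# address and tcp state, with the longest remaining timeout per group.
# Input format is that of /proc/net/nf_conntrack on 2.6.x kernels:
#   ipv4 2 tcp 6 <timeout> <STATE> src=.. dst=.. sport=.. dport=.. <reply tuple> ..
conntrack_summary() {
    # $1 = dport of the original direction (the first dport= token on a line)
    LC_ALL=C awk -v port="$1" '
    $3 == "tcp" {
        timeout = $5; state = $6; src = ""; dport = ""
        for (i = 7; i <= NF; i++) {
            # the first src= / dport= tokens belong to the original direction
            if (src == "" && $i ~ /^src=/)     src = substr($i, 5)
            if (dport == "" && $i ~ /^dport=/) dport = substr($i, 7)
        }
        if (dport == port) {
            key = src " " state
            count[key]++
            if (!(key in maxto) || timeout + 0 > maxto[key] + 0) maxto[key] = timeout
        }
    }
    END { for (k in count) print k, count[k], maxto[k] }' | LC_ALL=C sort
}

# Constructed sample of /proc/net/nf_conntrack (not real captured data):
# 10.0.0.5 has one live and one closed connection to 4800 plus a udp flow,
# 10.0.0.7 has two live connections to 4800, 10.0.0.9 talks to another port.
SAMPLE_CONNTRACK='ipv4     2 tcp      6 431999 ESTABLISHED src=10.0.0.5 dst=192.0.2.10 sport=52345 dport=4800 src=192.0.2.10 dst=10.0.0.5 sport=4800 dport=52345 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 117 TIME_WAIT src=10.0.0.5 dst=192.0.2.10 sport=52346 dport=4800 src=192.0.2.10 dst=10.0.0.5 sport=4800 dport=52346 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 431999 ESTABLISHED src=10.0.0.7 dst=192.0.2.10 sport=40001 dport=4800 src=192.0.2.10 dst=10.0.0.7 sport=4800 dport=40001 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 431999 ESTABLISHED src=10.0.0.7 dst=192.0.2.10 sport=40002 dport=4800 src=192.0.2.10 dst=10.0.0.7 sport=4800 dport=40002 [ASSURED] mark=0 use=2
ipv4     2 udp      17 29 src=10.0.0.5 dst=192.0.2.10 sport=60000 dport=7000 src=192.0.2.10 dst=10.0.0.5 sport=7000 dport=60000 mark=0 use=2
ipv4     2 tcp      6 431999 ESTABLISHED src=10.0.0.9 dst=192.0.2.10 sport=40003 dport=22 src=192.0.2.10 dst=10.0.0.9 sport=22 dport=40003 [ASSURED] mark=0 use=2'

# Live use on the firewall itself (reading the table needs root).
live_summary() { conntrack_summary "${1:-4800}" < /proc/net/nf_conntrack; }

# Demo on the constructed sample: prints "<src> <state> <count> <max timeout>".
printf '%s\n' "$SAMPLE_CONNTRACK" | conntrack_summary 4800
```

A source that shows up only in TIME_WAIT, or with a small remaining timeout, has had its first connection closed or expired; a source that still shows ESTABLISHED with a large timeout is what connlimit counts against a later --syn. The timeouts themselves are the nf_conntrack_tcp_timeout_* sysctls under /proc/sys/net/netfilter/.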