Block traffic for specific http header and connection speed > 10 conn/sec

Hi all,

I need to block/reject traffic with the following criteria:
for a specific HTTP header, for example "User-Agent: Wget" (I can
manage this with a --string pattern), AND when there are more than 10
connections/second.

So iptables would be blocking connections from User-Agent: Wget where
traffic speed is >10 connections/second.

My problem is that my webserver is behind a NAT, so I will see only
one IP source.
The hashmode option uses IP, so I can't use this option.

Can you please tell me if this can be performed with iptables?

Thanks,
Edmond