thanks for reply, but I think
connlimit counts all connection, not only New
What I want to achieve:
* unlimited connections that are in 'Established' state
* limit 'New', for example, to only 10 per src IP
W dniu 19.01.2019 o 18:51, Anton Danilov pisze:
Hi.
If you use the iptables, you can use the conntrack match (match by
state NEW) + hashlimit or recent matches (to limit the rate).
On Sat, 19 Jan 2019 at 17:08, Jurek Golonko <jgolonko@xxxxxxxxxx> wrote:
Hi,
I'd like to check how many connections are
in 'New' state per source address at the moment
and take action if some limit is exceeded.
Any idea how to achieve this?
BR,
JG
