iptables hashlimit srcip and srcport

Hi,

I have the following working rules. They block all IPs sending more than
1000kb/s and keep them on the blocked list for 60s.

-A msg_rate -m recent --rcheck --seconds 60 --name msg_rate_blocked --mask 255.255.255.255 --rsource -j DROP
-A msg_rate -m hashlimit --hashlimit-upto 1000kb/s --hashlimit-mode srcip --hashlimit-name msg_rate_1 --hashlimit-htable-expire 5000 -j RETURN
-A msg_rate -m recent --set --name msg_rate_blocked --mask 255.255.255.255 --rsource
-A msg_rate -j DROP

Now I want to block the combination of IP:Port, so I added
srcip,srcport to the hashlimit, but it doesn't work. It keeps blocking
all IPs instead of IP:Port. So what am I doing wrong?

-A msg_rate -m hashlimit --hashlimit-upto 1000kb/s --hashlimit-mode srcip,srcport --hashlimit-name msg_rate_1 --hashlimit-htable-expire 5000 -j RETURN

iptables v1.6.2
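
A simplified model of the msg_rate chain above, added here as an illustration and not part of the original post. It assumes the hashlimit rule can be approximated by a per-second kb budget per hash key, and it reflects that the recent match stores source addresses only (no port), so the block list stays per IP whatever --hashlimit-mode is set to. The packets and the function name run_chain are constructed for the example.

```python
from collections import defaultdict

LIMIT_KB = 1000      # --hashlimit-upto 1000kb/s, modelled as a budget per 1 s window
BLOCK_SECONDS = 60   # -m recent --rcheck --seconds 60

def run_chain(packets, mode):
    """Walk packets through the four msg_rate rules.

    packets: iterable of (time_s, src_ip, src_port, size_kb)
    mode:    value of --hashlimit-mode, e.g. "srcip" or "srcip,srcport"
    Returns one verdict string per packet.
    """
    fields = mode.split(",")
    recent = {}                  # src_ip -> time of last --set (address only)
    used = defaultdict(float)    # (hash key, second) -> kb counted in that second
    verdicts = []
    for t, ip, port, kb in packets:
        # Rule 1: recent --rcheck --rsource -j DROP, lookup is by source IP.
        if ip in recent and t - recent[ip] < BLOCK_SECONDS:
            verdicts.append("DROP(recent)")
            continue
        # Rule 2: hashlimit -j RETURN while the bucket for this key is under the limit.
        key = tuple(v for name, v in (("srcip", ip), ("srcport", port))
                    if name in fields)
        used[(key, int(t))] += kb
        if used[(key, int(t))] <= LIMIT_KB:
            verdicts.append("RETURN")
            continue
        # Rule 3: recent --set --rsource records the source IP, never the port.
        recent[ip] = t
        # Rule 4: -j DROP
        verdicts.append("DROP(limit)")
    return verdicts

# Constructed traffic: port 40000 on 192.0.2.10 exceeds the limit, then a
# second flow from the same host (port 40001) and an unrelated host send 1 kb.
BURST = [
    (0.0, "192.0.2.10", 40000, 800),
    (0.1, "192.0.2.10", 40000, 800),
    (1.0, "192.0.2.10", 40001, 1),
    (1.0, "192.0.2.20", 40000, 1),
    (70.0, "192.0.2.10", 40001, 1),
]
# Constructed traffic: two flows from one host, 600 kb each in the same second.
SPLIT = [(0.0, "192.0.2.10", 40000, 600), (0.5, "192.0.2.10", 40001, 600)]

if __name__ == "__main__":
    for m in ("srcip", "srcip,srcport"):
        print(m, run_chain(BURST, m), run_chain(SPLIT, m))
```

In the model, srcip,srcport does change how the rate is counted (the SPLIT flows are no longer summed), but the port 40001 packet in BURST is dropped in both modes because rule 1 matches on the address recorded by rule 3.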