Controlling number of sessions

All of lore.kernel.org
 help / color / mirror / Atom feed

* Controlling number of sessions
@ 2003-09-23 13:59 Nauman Malik
  2003-09-23 14:43 ` Daniel Bidwell
  0 siblings, 1 reply; 3+ messages in thread
From: Nauman Malik @ 2003-09-23 13:59 UTC (permalink / raw)
  To: netfilter

[-- Attachment #1: Type: text/plain, Size: 257 bytes --]

Hi,

I have a Linux box being used as a cache server. I want to control number of TCP sessions per user/IP on this machine. e.g. At one time only 50 reuqets per user can be passed through this linux box.
Is it possible using iptables?.
Any idea how?

[-- Attachment #2: Type: text/html, Size: 679 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Controlling number of sessions
  2003-09-23 13:59 Controlling number of sessions Nauman Malik
@ 2003-09-23 14:43 ` Daniel Bidwell
  2003-09-23 15:44   ` Eric Leblond
  0 siblings, 1 reply; 3+ messages in thread
From: Daniel Bidwell @ 2003-09-23 14:43 UTC (permalink / raw)
  To: Nauman Malik; +Cc: netfilter

On Tue, 2003-09-23 at 09:59, Nauman Malik wrote:
> Hi,
> 
> I have a Linux box being used as a cache server. I want to control number of TCP sessions per user/IP on this machine. e.g. At one time only 50 reuqets per user can be passed through this linux box.
> Is it possible using iptables?.
> Any idea how?

I have connection tracking enabled and have a perl program that runs
every 5 minutes and counts the number of connections per local IP.  You
can then use a program like cutter to kill extra connections if this is
really what you want to do.
> 
-- 
Daniel R. Bidwell	|	bidwell@andrews.edu
Andrews University	|	Information Technology Services
If two always agree, one of them is unnecessary
"Friends don't let friends do DOS"
"In theory, theory and practice are the same.
In practice, however, they are not."



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Controlling number of sessions
  2003-09-23 14:43 ` Daniel Bidwell
@ 2003-09-23 15:44   ` Eric Leblond
  0 siblings, 0 replies; 3+ messages in thread
From: Eric Leblond @ 2003-09-23 15:44 UTC (permalink / raw)
  To: Daniel Bidwell; +Cc: Nauman Malik, netfilter

[-- Attachment #1: Type: text/plain, Size: 842 bytes --]

You want the connlimit target that is in POM ! :
http://www.netfilter.org/documentation/pomlist/pom-base.html#connlimit

Le mar 23/09/2003 à 16:43, Daniel Bidwell a écrit :
> On Tue, 2003-09-23 at 09:59, Nauman Malik wrote:
> > Hi,
> > 
> > I have a Linux box being used as a cache server. I want to control number of TCP sessions per user/IP on this machine. e.g. At one time only 50 reuqets per user can be passed through this linux box.
> > Is it possible using iptables?.
> > Any idea how?
> 
> I have connection tracking enabled and have a perl program that runs
> every 5 minutes and counts the number of connections per local IP.  You
> can then use a program like cutter to kill extra connections if this is
> really what you want to do.
> > 
-- 
Eric Leblond
Nufw, Now User Filtering Works (http://www.nufw.org)

[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2003-09-23 15:44 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-09-23 13:59 Controlling number of sessions Nauman Malik
2003-09-23 14:43 ` Daniel Bidwell
2003-09-23 15:44   ` Eric Leblond

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.