* How to limit the rate of the TCP connections from a subnet?
@ 2004-11-08 11:53 lu.peng
2004-11-08 11:56 ` Jvalencia
2004-11-08 12:01 ` Samuel Jean
0 siblings, 2 replies; 3+ messages in thread
From: lu.peng @ 2004-11-08 11:53 UTC (permalink / raw)
To: netfilter-devel
Hi, all,
I want to limit the rate of the TCP connections of every single ip from a specific subnet, but i can't find a good way to do that.
I have studied two matches:
1, 'connlimit' match
but unfortunately, 'connlimit' match provide two ways to limit the sum of the TCP connections:
1) single IP
2) whole subnet not every single ip of the subnet
and most importantly, it can not limit the rate , just limit the sum of the TCP connections.
2, 'limit' matches:
I can use '-p tcp --syn -m limit --limit 6/m ......' to limit the rate of the TCP connections of the whole subnet or single ip. if i want to limit the rate of every single ip of the specific subnet, I should set a rule for every ip.
what i want is : only one rule can achieve ---limit the rate of the TCP connections of every single ip from a specific subnet.
sorry for my poor english, I hope you can know what i mean. Please help me if you know how.
Thanks in advance.
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: How to limit the rate of the TCP connections from a subnet?
2004-11-08 11:53 How to limit the rate of the TCP connections from a subnet? lu.peng
@ 2004-11-08 11:56 ` Jvalencia
2004-11-08 12:01 ` Samuel Jean
1 sibling, 0 replies; 3+ messages in thread
From: Jvalencia @ 2004-11-08 11:56 UTC (permalink / raw)
To: netfilter-devel
>
> Hi, all,
>
> I want to limit the rate of the TCP connections of every single ip from a specific subnet, but i can't find a good way to do that.
>
You can always use a simple script to generate a list of iptable rules for the specified subnet. A simple bash "for" can do it.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: How to limit the rate of the TCP connections from a subnet?
2004-11-08 11:53 How to limit the rate of the TCP connections from a subnet? lu.peng
2004-11-08 11:56 ` Jvalencia
@ 2004-11-08 12:01 ` Samuel Jean
1 sibling, 0 replies; 3+ messages in thread
From: Samuel Jean @ 2004-11-08 12:01 UTC (permalink / raw)
To: lu.peng; +Cc: netfilter-devel
lu.peng wrote:
>Hi, all,
>
> I want to limit the rate of the TCP connections of every single ip from a specific subnet, but i can't find a good way to do that.
>
>
So, that's netfilter@lists.netfilter.org question ?
> <>
> I have studied two matches:
> 1, 'connlimit' match
> but unfortunately, 'connlimit' match provide two ways to limit the sum
> of the TCP connections:
> 1) single IP
> 2) whole subnet not every single ip of the subnet
> and most importantly, it can not limit the rate , just limit the sum
> of the TCP connections.
>
> 2, 'limit' matches:
> I can use '-p tcp --syn -m limit --limit 6/m ......' to limit the rate
> of the TCP connections of the whole subnet or single ip. if i want to
> limit the rate of every single ip of the specific subnet, I should set
> a ule for every ip.
> what i want is : only one rule can achieve ---limit the rate of the
> TCP connections of every single ip from a specific subnet.
>
And what about 'recent' match ?
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-11-08 12:01 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-08 11:53 How to limit the rate of the TCP connections from a subnet? lu.peng
2004-11-08 11:56 ` Jvalencia
2004-11-08 12:01 ` Samuel Jean
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.