* limit connection
@ 2005-10-01 20:33 Piotr Holubniak
2005-10-02 7:47 ` Marek Zachara
0 siblings, 1 reply; 2+ messages in thread
From: Piotr Holubniak @ 2005-10-01 20:33 UTC (permalink / raw)
To: netfilter
Hello everyone
Is it possisble to limit number of connections which can be established
from one IP address?
I mean if sender reaches limited number of connections, no more
connections can be established from this host, but other host still can
connect . I rather think about global limit not for certain IP address.
Regards
PiotrH
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: limit connection
2005-10-01 20:33 limit connection Piotr Holubniak
@ 2005-10-02 7:47 ` Marek Zachara
0 siblings, 0 replies; 2+ messages in thread
From: Marek Zachara @ 2005-10-02 7:47 UTC (permalink / raw)
To: netfilter
On Saturday 01 of October 2005 22:33, Piotr Holubniak wrote:
> Hello everyone
>
> Is it possisble to limit number of connections which can be established
> from one IP address?
> I mean if sender reaches limited number of connections, no more
> connections can be established from this host, but other host still can
> connect . I rather think about global limit not for certain IP address.
>
try this:
iptables -A FORWARD -p tcp --syn -s $source_ip -o $ext_interface -m connlimit
--connlimit-above $number_of_allowed_connections -j REJECT
Marek
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-10-02 7:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-01 20:33 limit connection Piotr Holubniak
2005-10-02 7:47 ` Marek Zachara
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.