* Block an IP if there is number of connection within a time limit ??
@ 2007-06-27 5:12 Ditro - BipinDas
2007-06-27 5:18 ` Grant Taylor
0 siblings, 1 reply; 3+ messages in thread
From: Ditro - BipinDas @ 2007-06-27 5:12 UTC (permalink / raw)
To: netfilter
Dear List,
I do have an Exim mail server with IPTABLES and TCP WRAPPER as firewall.
Yesterday I had noticed that there are continuous SMTP connections from an
IP. I would like to block these IPs if there are more than 10 connections
in 30 seconds. Is this possible using the IPTABLES command? If yes, please
guide me.
Thanks in advance
--
* Re: Block an IP if there is number of connection within a time limit ??
2007-06-27 5:12 Block an IP if there is number of connection within a time limit ?? Ditro - BipinDas
@ 2007-06-27 5:18 ` Grant Taylor
2007-06-27 15:55 ` Juan León
0 siblings, 1 reply; 3+ messages in thread
From: Grant Taylor @ 2007-06-27 5:18 UTC (permalink / raw)
To: Mail List - Netfilter
On 6/27/2007 12:12 AM, Ditro - BipinDas wrote:
> I do have an Exim mail server with IPTABLES and TCP WRAPPER as
> firewall. Yesterday I had noticed that there are continuous SMTP
> connections from an IP. I would like to block these IPs if there are
> more than 10 connections in 30 seconds. Is this possible using the IPTABLES
> command? If yes, please guide me.
Use the IPTables "recent" match extension to match on newly established
SMTP sessions and reject them if there have been more than 10 in the
last 30 seconds.
Grant. . . .
* Re: Block an IP if there is number of connection within a time limit ??
2007-06-27 5:18 ` Grant Taylor
@ 2007-06-27 15:55 ` Juan León
0 siblings, 0 replies; 3+ messages in thread
From: Juan León @ 2007-06-27 15:55 UTC (permalink / raw)
To: Mail List - Netfilter
2007/6/27, Grant Taylor <gtaylor@riverviewtech.net>:
> On 6/27/2007 12:12 AM, Ditro - BipinDas wrote:
> > I do have an Exim mail server with IPTABLES and TCP WRAPPER as
> > firewall. Yesterday I had noticed that there are continuous SMTP
> > connections from an IP. I would like to block these IPs if there are
> > more than 10 connections in 30 seconds. Is this possible using the IPTABLES
> > command? If yes, please guide me.
>
> Use the IPTables "recent" match extension to match on newly established
> SMTP sessions and reject them if there have been more than 10 in the
> last 30 seconds.
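# --set records each new SMTP source; the --update rule (inserted last, so checked first) drops sources with 10+ hits in 30 s
iptables -I INPUT -p tcp --dport 25 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 25 -i eth0 -m state --state NEW -m recent \
--update --seconds 30 --hitcount 10 -j DROP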
>
>
>
> Grant. . . .
>
>
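
A small model of the "recent" match used in the rule above, added here as an illustration and not posted by anyone in the thread. It shows why an --update rule needs a companion --set rule to populate the list, and that --update keeps a persistent source blocked by refreshing its timestamp on every dropped attempt. The --set rule, the names RecentList and run, the sample address, and the 20-stamp buffer (modelling the module's default per-address limit) are assumptions of this sketch.

```python
from collections import defaultdict, deque


class RecentList:
    """Simplified model of one iptables 'recent' list (per-source timestamps)."""

    def __init__(self, max_stamps=20):  # models the default of 20 stamps per address
        self.stamps = defaultdict(lambda: deque(maxlen=max_stamps))

    def set(self, src, now):
        """--set: record the source address; always matches."""
        self.stamps[src].append(now)
        return True

    def update(self, src, now, seconds, hitcount):
        """--update: match if src has >= hitcount stamps in the last `seconds`;
        on a match, also record a new stamp (the difference from --rcheck)."""
        if src not in self.stamps:
            return False  # never recorded by --set, so it cannot match
        hits = sum(1 for t in self.stamps[src] if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[src].append(now)
            return True
        return False


def run(times, with_set_rule, src="192.0.2.10", seconds=30, hitcount=10):
    """Feed NEW connections from one source (constructed address) through the chain:
    rule 1 = --update ... -j DROP, rule 2 = --set (optional). Returns the verdicts."""
    recent = RecentList()
    verdicts = []
    for now in times:
        if recent.update(src, now, seconds, hitcount):
            verdicts.append("DROP")
            continue
        if with_set_rule:
            recent.set(src, now)
        verdicts.append("ACCEPT")
    return verdicts


if __name__ == "__main__":
    burst = list(range(15))                         # constructed: one connection per second
    print(run(burst, with_set_rule=False))          # list never populated: nothing dropped
    print(run(burst, with_set_rule=True))           # first 10 accepted, the rest dropped
    print(run(range(60), with_set_rule=True).count("DROP"))  # steady sender stays blocked
    print(run(burst + [60], with_set_rule=True)[-1])          # accepted again after a quiet period
```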