From: Gáspár Lajos
Subject: Re: CONNLIMIT Questions
Date: Wed, 21 Jan 2009 19:43:11 +0100
Message-ID: <49776CBF.6000406@freemail.hu>
To: Peter Renzland
Cc: Sitaram Chamarty, netfilter@vger.kernel.org

Hi!

Peter Renzland wrote:
> The central question that was never addressed was:
>
> * The iptables manual page states that connlimit limits *incoming*
> *tcp* connections. I want to limit what overwhelmingly are outgoing
> UDP connections.

Don't get me wrong... but EVERY forwarded connection/packet at first is
incoming on the firewall...
Think about it...

>
> Thanks,
> Peter Renzland
>

Swifty