From: Jan Kogut <jkogut@genesilico.pl>
To: Martijn Lievaart <m@rtij.nl>
Cc: netfilter@lists.netfilter.org
Subject: Re: Limitations on connections
Date: Mon, 25 Jun 2007 13:47:34 +0200 [thread overview]
Message-ID: <467FAB56.5010906@genesilico.pl> (raw)
In-Reply-To: <467E6B16.4090601@rtij.nl>
Martijn Lievaart wrote:
> Christos Panagiotakis wrote:
>> Hi people!
>>
>> Please don't flame/blame me I don't know much about iptables (yet, I
>> hope so.. :-)
>>
>> I was wondering if I can limit the established connections on a
>> specific port
>> using iptables rules.
>>
>> For example, lets say that we have an irc daemon (ircd) running on
>> 6667,6668 etc
>> and/or (another example to be more specific) a shout cast streaming
>> server
>> listening to 8000 or other port.
>>
>> Can I limit on a) ircd the users connecting or b) e.g. the listeners
>> on shout cast to a
>> specific number?
>> Lets say that I don't want more than 20 listeners simultaneously.
>> If I am not wrong, that means I don't want more than 20 established
>> connections on port 8000.
>>
>> Is this possible using iptables rules and if yes, it is going to work
>> properly ?
>>
>
> Yes this is possible using connlimit. It SHOULD work properly, but as
> I haven't used it for a while I cannot comment on how it works. It may
> also be dependent on your kernel version if you need to patch your
> kernel or wether it is already included.
>
> M4
>
Hello,
if You are using Debian (Etch), here is a nice tutorial how to compile
iptables with p-o-m and kernel.
http://www.howtoforge.com/forums/archive/index.php/t-21.html
Cheers,
JK
--
Regards,
Jan Kogut
Computer Systems Administrator
Laboratory of Bioinformatics and Protein Engineering
International Institute of Molecular and Cell Biology
ul. Ks. Trojdena 4
02-109 Warsaw, Poland
http://genesilico.pl
:.
prev parent reply other threads:[~2007-06-25 11:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-10 9:12 Limitations on connections Christos Panagiotakis
2007-06-10 21:13 ` Grant Taylor
2007-06-24 13:01 ` Martijn Lievaart
2007-06-25 11:47 ` Jan Kogut [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=467FAB56.5010906@genesilico.pl \
--to=jkogut@genesilico.pl \
--cc=m@rtij.nl \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox