
...making Linux just a little more fun!

iptables configuration question

J. Bakshi [j.bakshi at unlimitedmail.org]


Thu, 3 Sep 2009 21:39:36 +0530

Hello list,

Hope you all are well. For nearly 2 weeks I have been working on an iptables configuration and am badly stuck at a very interesting point. Among several other features of my firewall, one I would like to implement is limit_total_connection_of_a_service. There is already a rate limiter, so that a user can't get more than 2 ftp connections per min from the same source IP. I have used hashlimit for this. It can also be extended to restrict *all total* 2 connections per min.

- But what to do to restrict to 2 ftp connections in total from a particular source?

- And to restrict to 5 ftp connections altogether to the server?

Could anyone suggest an iptables configuration or iptables module to achieve these two objectives? Thanks

PS: Please CC me.




J. Bakshi [j.bakshi at unlimitedmail.org]


Thu, 3 Sep 2009 22:15:37 +0530

On Thu, 3 Sep 2009 21:39:36 +0530 "J. Bakshi" <j.bakshi@unlimitedmail.org> wrote:

> Hello list,
> 
> Hope you all are well. For nearly 2 weeks I have been working on an
> iptables configuration and am badly stuck at a very interesting point.
> Among several other features of my firewall, one I would like to
> implement is limit_total_connection_of_a_service. There is already a
> rate limiter, so that a user can't get more than 2 ftp connections per
> min from the same source IP. I have used hashlimit for this. It can
> also be extended to restrict *all total* 2 connections per min.
> 
> - But what to do to restrict to 2 ftp connections in total from a
> particular source?

Ok, found iplimit

> - And to restrict to 5 ftp connections altogether to the server?
> 

still searching for this one

> Could anyone suggest an iptables configuration or iptables module to
> achieve these two objectives? Thanks
> PS: Please CC me.
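
Both limits asked about in this thread are counts of simultaneous connections rather than rates, which is what the connlimit match (the later name of iplimit) does; with a mask of 0 it counts all sources together. The script below is an added example, not part of the original posts: it assumes FTP control connections on tcp/21 and an otherwise default-accept INPUT chain, and the chain name FTP_LIMIT and the function names are made up here.

```shell
#!/bin/sh
# Added example (not from the thread). Prints an iptables-restore ruleset; applies nothing.
# Assumptions: FTP control channel on tcp/21, INPUT policy ACCEPT, limits from the question.
# FTP data channels use other ports and are not counted by these rules.

# is_uint VALUE: succeed only for a non-empty string of digits, so nothing
# else can be spliced into the generated rules.
is_uint() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# ftp_limit_rules PORT PER_SOURCE_MAX TOTAL_MAX
ftp_limit_rules() {
    for v in "$1" "$2" "$3"; do
        is_uint "$v" || { echo "ftp_limit_rules: '$v' is not a number" >&2; return 1; }
    done
    port=$1 per_src=$2 total=$3
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FTP_LIMIT - [0:0]
# Only new connection attempts (SYN) to the service are checked.
-A INPUT -p tcp --syn --dport $port -j FTP_LIMIT
# Server-wide cap: mask 0 puts every source address in one bucket.
-A FTP_LIMIT -p tcp -m connlimit --connlimit-above $total --connlimit-mask 0 -j REJECT --reject-with tcp-reset
# Per-source cap: mask 32 counts each IPv4 address on its own.
-A FTP_LIMIT -p tcp -m connlimit --connlimit-above $per_src --connlimit-mask 32 -j REJECT --reject-with tcp-reset
-A FTP_LIMIT -j ACCEPT
COMMIT
EOF
}

# The limits from the question: 2 per source, 5 for the whole server.
ftp_limit_rules 21 2 5
```

Pipe the output to `iptables-restore --test` as root to have it checked without being committed. Loading it without `--noflush` replaces the existing filter table.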

