On 07:09, Fri 17 Nov 06, Sudev Barar wrote:
You can use IPTables to limit the rate of connections. I allow only 2 connections from a given IP address within each 3 minute period.
I know this is sloppy and lazy but can you post your iptables line that does this?
Something like:
# Don't have a limit on my_trusted_domain
iptables -A INPUT -p tcp -s my_trusted_domain.org --dport 22 -j ACCEPT
# Don't have a limit on the internal net
iptables -A INPUT -p tcp -s internal_net --dport 22 -j ACCEPT
# Rate-limit new connection attempts (SYN) to sshd: one token bucket shared by all
# sources; the first attempt passes at once, then one every 30 seconds (2/minute)
iptables -A INPUT -p tcp --syn --dport 22 -m limit --limit 2/minute --limit-burst 1 -j ACCEPT
# Reset every new attempt above that rate; --syn keeps packets of already
# established sessions out of both rules, so they are not reset
iptables -A INPUT -p tcp --syn --dport 22 -j REJECT --reject-with tcp-reset
Search the iptables manual page for limit :).
Sarunas
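The two rule sets discussed in this thread behave differently: the `-m limit` rule Sarunas posted is one token bucket shared by every source, while Sudev's "2 connections from a given IP per 3 minutes" is a per-source window (what the `recent` match's `--seconds`/`--hitcount` options give you). The model below is an added illustration, not code from either poster; it replays a constructed list of SSH connection attempts through both policies so the difference is visible. The token-bucket arithmetic is a simplification of the kernel's (which counts credits in jiffies), the `recent`-style model assumes rejected attempts still refresh the source's entry (as `--update` does), and the hostnames are placeholders.

```python
"""Replay constructed SSH connection attempts through two rate-limit policies:
  * a single shared token bucket (netfilter `-m limit --limit 2/minute --limit-burst 1`)
  * a per-source sliding window ("2 new connections per IP per 180 s", the
    `-m recent --seconds 180 --hitcount N` style; note hitcount counts the
    current packet, so "allow 2" corresponds to --hitcount 3)
Added example; simplified models, not the kernel's implementation.
"""
from collections import defaultdict, deque
from fractions import Fraction

# Constructed input: (seconds since start, source label). Source "A" hammers
# port 22, source "B" connects twice, politely.
ATTEMPTS = [(0, "A"), (5, "B"), (30, "A"), (40, "A"), (70, "B"), (100, "A"), (200, "A")]


class TokenBucket:
    """Approximates `-m limit --limit R/minute --limit-burst B`: the bucket
    starts full with B tokens, refills at R per minute, never holds more than
    B, and a packet matches only if a whole token is available."""

    def __init__(self, rate_per_minute, burst):
        self.rate = Fraction(rate_per_minute, 60)   # tokens per second, exact
        self.burst = Fraction(burst)
        self.tokens = Fraction(burst)
        self.last = 0

    def allow(self, t):
        self.tokens = min(self.burst, self.tokens + (t - self.last) * self.rate)
        self.last = t
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


def simulate_global_limit(attempts, rate_per_minute=2, burst=1):
    """Sarunas-style rule: ONE bucket for all sources, so a noisy source
    consumes the tokens that a well-behaved source would have used."""
    bucket = TokenBucket(rate_per_minute, burst)
    return [(t, src, "ACCEPT" if bucket.allow(t) else "REJECT") for t, src in attempts]


def simulate_per_source(attempts, window=180, max_per_window=2):
    """Sudev-style policy: each source gets its own history; an attempt is
    accepted while at most `max_per_window` attempts (this one included)
    fall inside the trailing `window` seconds. Rejected attempts are still
    recorded, so a source that keeps retrying stays blocked."""
    history = defaultdict(deque)
    decisions = []
    for t, src in attempts:
        seen = history[src]
        while seen and t - seen[0] > window:   # drop entries older than the window
            seen.popleft()
        seen.append(t)
        decisions.append((t, src, "ACCEPT" if len(seen) <= max_per_window else "REJECT"))
    return decisions


if __name__ == "__main__":
    for name, fn in (("shared limit bucket", simulate_global_limit),
                     ("per-source window", simulate_per_source)):
        print(f"--- {name} ---")
        for t, src, verdict in fn(ATTEMPTS):
            print(f"t={t:4d}s src={src} {verdict}")
```

With the shared bucket, B's very first attempt at t=5 is reset purely because A used the only token five seconds earlier; with the per-source window, B is never affected by A, and A is blocked from its third attempt on and stays blocked while it keeps retrying. Either policy should sit after an ESTABLISHED accept rule or match only `--syn`, as in the corrected rules above, so it never resets a session already in progress.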