[CentOS] IPTABLES question

5 May 2015


      Would someone please explain to me the difference in effect between
the following two IPTABLES conditions and the significance thereof in
concurrent connection limiting?
--tcp-flags SYN,ACK,FIN,RST SYN -j REJECT \
  --connlimit-above 3 --connlimit-mask 32
--state NEW -j REJECT \
  --connlimit-above 3 --connlimit-mask 32
-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
James B. Byrne                mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[CentOS] IPTABLES question