IPLIMIT ?
Raj
list@mail.com.np
Fri, 4 Jan 2002 16:53:54 +0545 (NPT)
Hi,
I am interested in limiting simultaneous connections from each host/IP in
an IP net range to a service/port of my internal server. I have iplimit
compiled into my kernel as a module from p-o-m, and it loads perfectly as
seen with 'lsmod'. RH7.2/2.4.9-13custom, IPtables 1.2.4-2/p-o-m
The following rule does not serve as desired and does not allow any
connection at all to the server from any host in the source net range.
iptables -A FORWARD -s 192.168.10.0/24 -d 192.168.1.25 -p tcp --syn \
    --dport 25 -m iplimit --iplimit-above 2 -j REJECT
And when I apply the following rule (one source host only), it does allow
connections from it, but even more conns (>2) than the allowed limit, i.e.
the iplimit does not kick in.
iptables -A FORWARD -s 192.168.10.10 -d 192.168.1.25 -p tcp --syn \
    --dport 25 -m iplimit --iplimit-above 2 -j REJECT
My goal is to allow only 2 conns from a host in the given source net
range.
How can I achieve this, or is something missing from the above commands?
Thanks in advance...
Cheers,
Raj
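As an added illustration (not part of the original post or of the netfilter code), the following Python model walks through what a per-source connection limit like `--iplimit-above 2` is expected to do for the poster's scenario, and how `--iplimit-mask` changes the bucket from one host to the whole /24. The accounting rules (count the new SYN plus established connections from the same masked source to the same destination:port) are a modelling assumption, not taken from the kernel module.

```python
import ipaddress

# Constructed model of an iplimit/connlimit style match. Assumption: the
# match counts the incoming SYN together with already established
# connections from the same (masked) source to the rule's destination:port,
# and fires when that total is above the configured limit.

def source_key(src, mask_bits):
    """Collapse a source address to the block selected by --iplimit-mask."""
    return ipaddress.ip_network(f"{src}/{mask_bits}", strict=False)

def exceeds_limit(established, new_src, dst, dport, above, mask_bits=32):
    """True if accepting this SYN would put the source above the limit."""
    key = source_key(new_src, mask_bits)
    count = 1  # the new SYN itself is counted
    for src, d, p in established:
        if d == dst and p == dport and source_key(src, mask_bits) == key:
            count += 1
    return count > above

def simulate(syns, above, mask_bits=32):
    """Feed SYNs in order; accepted ones become established connections.
    Returns a list of (src, verdict) where verdict is ACCEPT or REJECT."""
    established = []
    verdicts = []
    for src, dst, dport in syns:
        if exceeds_limit(established, src, dst, dport, above, mask_bits):
            verdicts.append((src, "REJECT"))
        else:
            established.append((src, dst, dport))
            verdicts.append((src, "ACCEPT"))
    return verdicts

# Constructed sample: three SYNs from one host, then one from a neighbour,
# all to the SMTP server in the post.
SAMPLE_SYNS = [("192.168.10.10", "192.168.1.25", 25)] * 3 + [
    ("192.168.10.11", "192.168.1.25", 25)
]

if __name__ == "__main__":
    # Default mask /32: each host gets its own budget of 2.
    for src, verdict in simulate(SAMPLE_SYNS, above=2):
        print(f"mask 32  {src:15} {verdict}")
    # --iplimit-mask 24: the whole 192.168.10.0/24 shares one budget of 2.
    for src, verdict in simulate(SAMPLE_SYNS, above=2, mask_bits=24):
        print(f"mask 24  {src:15} {verdict}")
```

With the default /32 mask the third SYN from 192.168.10.10 is rejected while 192.168.10.11 still gets through; with a /24 mask the neighbour is rejected too, because the whole net is one bucket.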