Limit

Daniel Lopes lopsch at lopsch.com
Fri Aug 26 23:28:35 CEST 2005


Taylor, Grant wrote:
> Take a look at the connlimit match extension.
> 
> iptables -t filter -A INPUT -i ${WAN} -d ${WANIPAddress} -p tcp --dport 3333 -m connlimit --connlimit-above 10 -j DROP
> 
> 
> 
> Grant. . . .
> 
> Lyubomir Louisov wrote:
> 
>>So how can I limit the number of connections on port 3333 to no more than 10
>>at a time with iptables?
>>Is it possible?
> 
> 
> 
> 
I first thought about the same thing. But that will allow more than 10
connections in total. It will allow only 10 connections per IP but afaik
in total it can then be a lot more than 10 depending on the IPs
connecting. Don't know how you can limit it to 10 connections in total
but there must be a way with so many options being available for
iptables ;). Please correct me if I am wrong.
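
Added example, not part of the original message or of netfilter's code: a simplified Python model of the connlimit match, comparing the default per-source grouping (mask 32) with `--connlimit-mask 0`, which places every source address in one group so the limit applies in total. The sample addresses are constructed, and the model assumes connections stay open once accepted.

```python
import ipaddress
from collections import Counter

# Rule from the thread, limiting per source address (default mask is 32):
#   iptables -A INPUT -p tcp --dport 3333 -m connlimit --connlimit-above 10 -j DROP
# Same rule with all sources grouped together, so the limit is a total:
#   iptables -A INPUT -p tcp --dport 3333 -m connlimit --connlimit-above 10 \
#            --connlimit-mask 0 -j DROP


def connlimit_accepts(sources, above, mask_bits):
    """Return the sources whose connection gets past the DROP rule.

    Simplified model (assumption): connections never close, and the new
    connection is counted together with the ones already open in its group.
    """
    active = Counter()  # open connections per masked source network
    accepted = []
    for src in sources:
        # Group the source by its network under the configured prefix length.
        group = ipaddress.ip_network(f"{src}/{mask_bits}", strict=False)
        if active[group] + 1 > above:
            continue  # rule matches, packet is dropped
        active[group] += 1
        accepted.append(src)
    return accepted


# Constructed sample: three clients, each attempting 12 connections.
SAMPLE = [f"192.0.2.{host}" for host in (1, 2, 3) for _ in range(12)]


def demo():
    """Return (accepted with mask 32, accepted with mask 0) for SAMPLE."""
    per_source = connlimit_accepts(SAMPLE, above=10, mask_bits=32)
    in_total = connlimit_accepts(SAMPLE, above=10, mask_bits=0)
    return len(per_source), len(in_total)


if __name__ == "__main__":
    per_source, in_total = demo()
    print(f"mask 32: {per_source} connections accepted")
    print(f"mask 0:  {in_total} connections accepted")
```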



More information about the netfilter mailing list