Greetings, Philip. 2 декабря 2006 г., 1:22:59 you have wrote: >> >> Something like: >> >> iptables -A INPUT -p tcp --dport 25 -m limit --limit 20/minute --limit-burst >> 1 -j ACCEPT >> iptables -A INPUT -p tcp --dport 25 -j REJECT --reject-with tcp-reset >> >> Search iptables manual page for limit target. >> >> > Those iptable rules are global NOT by ip > dangerous I think :) it you get attacked on port 25 That's only a "design concept" ;-). It's always possible to create a script that'll update iptables rules digging out bad IPs from logs. There are a lot ways to do same tricks in Linux, as always.
-- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
