modprobe ipt_iplimit iptables -m iplimit --iplimit-above <nr-conexiuni> -j REJECT --reject-with host-unreach
PS: modulul ipt_iplimit face parte din colectia POM Best regards, Serghei Gutanu On Fri, 17 Jun 2005, Remus Anca wrote: > Date: Fri, 17 Jun 2005 14:28:49 +0300 > From: Remus Anca <[EMAIL PROTECTED]> > Reply-To: [email protected] > To: Serghei Gutanu <[email protected]> > Subject: [rlug] Re: apache: limitare conexiuni/IP > > > SG> iptables --limit > > am folosit asta pina acum, dar cred ca ceva nu fac bine: > asta ar trebui sa nu permita mai mult de un SYN/secunda ... > intelesesem eu cind am citi/facut chestia asta > > > $fw -N FLOOD > $fw -A FLOOD -p tcp -d 0/0 --dport 53 -j ACCEPT > $fw -A FLOOD -m limit --limit 1/second -j RETURN > $fw -A FLOOD -j DROP > > > > $fw -P INPUT DROP > > $fw -A INPUT -p tcp --syn -j FLOOD > > > --- > Detalii despre listele noastre de mail: http://www.lug.ro/ > > > --- Detalii despre listele noastre de mail: http://www.lug.ro/
