Limit number of simultaneous TCP connections per IP

To: debian-firewall@lists.debian.org
Subject: Limit number of simultaneous TCP connections per IP
From: Alvaro Reguly <debian@reguly.net>
Date: Sat, 7 Jun 2003 15:10:55 -0300 (BRT)
Message-id: <[🔎] Pine.LNX.4.56.0306071502590.23637@papael.stech.psi.br>

Hello, I want to limit the maximum number of simultaneous TCP
connections per IP number, say I don't want people flashgeting
stuff from my webserver with 50 threads or something.

I am using a per minute limit, but as a matter of fact, I would like
to limit people from download stuff at all times, not just that 60/minute
interval.

How do I do that? Theses lines are ok? won't they limit simultaneous
connections from all IPs at the same time? Did I make myself clear? :)

$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -m limit --limit 60/minute --limit-burst 6 -j ACCEPT
$IPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset

Thanks

-- 
Alvaro

Reply to:

Follow-Ups:
- Re: Limit number of simultaneous TCP connections per IP
  - From: Koba <koba@grupocom.com.ar>

Prev by Date: Re: Redirecting ports & DHCP Question
Next by Date: Re: Limit number of simultaneous TCP connections per IP
Previous by thread: Re: Redirecting ports & DHCP Question ** Resolved
Next by thread: Re: Limit number of simultaneous TCP connections per IP
Index(es):
- Date
- Thread