LinuxQuestions.org


walidaly 09-05-2010 09:18 PM

limit number of connections for a single ip on port 80 to CentOS 5.5
 
How to limit the number of connections from a single IP on port 80 on CentOS 5.5 with iptables?
connlimit did not work on CentOS and nginx does not provide a module for that

nullbyte 09-05-2010 11:50 PM

# count every new or established packet to port 80 and accept it
iptables -I INPUT -p tcp -s 0/0 --sport 513:65535 --dport 80 -m state --state NEW,ESTABLISHED -m recent --set -j ACCEPT
# drop a new connection when the source has hit 25 times in the last 2 seconds (inserted above the rule before it)
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP
# allow established ssh replies out
iptables -A OUTPUT -p tcp -s 0/0 -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

that rules should do what you want, works fine for me.
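To see how the two port-80 rules above interact, here is an added example that is not part of this thread: a small Python model of the iptables "recent" match (--set and --update --seconds 2 --hitcount 25) replaying constructed traffic through the same rule order. The sample addresses are documentation ranges, the timestamps are made up, and the model is a simplification of the kernel module (it keeps an unbounded list of timestamps per source).

```python
"""Model of the iptables 'recent' match used in the thread's rules.

Constructed example (not from the thread): replays packets through a
two-rule chain equivalent to

  iptables -I INPUT -p tcp --dport 80 -m state --state NEW \
      -m recent --update --seconds 2 --hitcount 25 -j DROP
  iptables -I INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED \
      -m recent --set -j ACCEPT

Rule order matters: both rules were inserted with -I, so the DROP rule
(inserted last) is evaluated first.
"""


class RecentTable:
    """Per-source list of packet timestamps, like /proc/net/ipt_recent."""

    def __init__(self, window_seconds, hitcount):
        self.window = window_seconds
        self.hitcount = hitcount
        self.stamps = {}  # source address -> list of timestamps

    def set(self, src, now):
        """--set: add src to the list and record a timestamp."""
        self.stamps.setdefault(src, []).append(now)

    def update(self, src, now):
        """--update --seconds W --hitcount N.

        Matches only if src is already listed and at least N timestamps
        fall within the last W seconds; a match also records a new
        timestamp (that is what distinguishes --update from --check).
        """
        stamps = self.stamps.get(src)
        if stamps is None:
            return False
        recent = sum(1 for t in stamps if now - t <= self.window)
        if recent >= self.hitcount:
            stamps.append(now)
            return True
        return False


def filter_packets(packets, window_seconds=2, hitcount=25):
    """Return (time, src, verdict) for each (time, src, conntrack_state) packet."""
    table = RecentTable(window_seconds, hitcount)
    verdicts = []
    for now, src, state in sorted(packets):
        if state == "NEW" and table.update(src, now):
            verdicts.append((now, src, "DROP"))      # rule 1: over the limit
        elif state in ("NEW", "ESTABLISHED"):
            table.set(src, now)                      # rule 2: count and accept
            verdicts.append((now, src, "ACCEPT"))
        else:
            verdicts.append((now, src, "CONTINUE"))  # neither rule matched
    return verdicts


def summarize(verdicts):
    """Count verdicts per source: {src: {"ACCEPT": n, "DROP": n}}."""
    counts = {}
    for _, src, verdict in verdicts:
        per_src = counts.setdefault(src, {})
        per_src[verdict] = per_src.get(verdict, 0) + 1
    return counts


# Constructed traffic (RFC 5737 documentation addresses):
#  - 203.0.113.10 opens 30 connections in under a second, then one more at t=5
#  - 198.51.100.7 opens 5 connections at a normal pace
SAMPLE_PACKETS = (
    [(i * 0.03, "203.0.113.10", "NEW") for i in range(30)]
    + [(5.0, "203.0.113.10", "NEW")]
    + [(0.5 + i * 0.1, "198.51.100.7", "NEW") for i in range(5)]
)

if __name__ == "__main__":
    for src, counts in summarize(filter_packets(SAMPLE_PACKETS)).items():
        print(src, counts)
```

In the replay the bursting source gets its first 25 connections accepted, the next 5 dropped, and is accepted again once its timestamps have aged out of the 2-second window; the slow source is never touched. Two things the model glosses over: the --set rule counts every NEW or ESTABLISHED packet, so on a real box the limit is effectively on packets to port 80 rather than on connections; and the real module keeps only a bounded number of timestamps per address (module parameter ip_pkt_list_tot, which defaults to 20 on older kernels), and iptables refuses a --hitcount larger than that cap unless the parameter is raised.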

walidaly 09-07-2010 12:38 AM

Thanks nullbyte!
why do you add --sport 513:65535 ?

kaushalpatel1982 09-08-2010 05:33 AM

Of the 3 lines, the one you need is
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP

The third one is for ssh access.

abefroman 09-08-2010 11:52 PM

Quote:

Originally Posted by walidaly (Post 4090062)
Thanks nullbyte!
why do you add --sport 513:65535 ?

Destination port 513-65535 from a source port of 22

