LinuxQuestions.org
Old 09-05-2010, 09:18 PM   #1
walidaly
Member
 
Registered: Mar 2007
Posts: 64

Rep: Reputation: 15
limit number of connections for a single ip on port 80 to CentOS 5.5


How to limit the number of connections for a single IP on port 80 to CentOS 5.5 with iptables?
connlimit did not work on CentOS, and nginx does not provide a module for that.
 
Old 09-05-2010, 11:50 PM   #2
nullbyte
LQ Newbie
 
Registered: Sep 2010
Posts: 1

Rep: Reputation: 0
iptables -I INPUT -p tcp -s 0/0 --sport 513:65535 --dport 80 -m state --state NEW,ESTABLISHED -m recent --set -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP
iptables -A OUTPUT -p tcp -s 0/0 -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

Those rules should do what you want; they work fine for me.
 
Old 09-07-2010, 12:38 AM   #3
walidaly
Member
 
Registered: Mar 2007
Posts: 64

Original Poster
Rep: Reputation: 15
Thanks nullbyte!
Why do you add --sport 513:65535?
 
Old 09-08-2010, 05:33 AM   #4
kaushalpatel1982
Member
 
Registered: Aug 2007
Location: INDIA
Distribution: CentOS, RHEL, Fedora, Debian, Ubuntu, LinuxMint, Kali Linux, Raspbian
Posts: 166

Rep: Reputation: 10
From the 3 lines, your required line is:
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP

The third one is for ssh access.
 
Old 09-08-2010, 11:52 PM   #5
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
Quote:
Originally Posted by walidaly
Thanks nullbyte!
Why do you add --sport 513:65535?
Destination port 513-65535 from a source port of 22
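
An added example, not part of any post in this thread: a shell function that prints an iptables-restore fragment applying the `recent` match discussed above to NEW packets only, checking the per-source list before recording the hit. This limits the rate of new connections per source IP rather than the number of concurrent connections. The chain name HTTP_LIMIT and list name http_new are made up for the example, and it assumes the recent module's ip_pkt_list_tot parameter is at its default of 20, so a larger hitcount is refused.

```shell
#!/bin/sh
# Added example (not from the thread). HTTP_LIMIT and http_new are
# hypothetical names chosen for this illustration.

# Assumption: the recent module keeps 20 timestamps per address
# (default ip_pkt_list_tot), so a hitcount above 20 cannot be satisfied.
PKT_LIST_TOT=20

# http_limit_rules PORT SECONDS HITCOUNT
# Prints the rules; nothing is changed on the running firewall.
http_limit_rules() {
    port=$1 seconds=$2 hitcount=$3
    for v in "$port" "$seconds" "$hitcount"; do
        case $v in
            ''|*[!0-9]*) echo "not a number: '$v'" >&2; return 2 ;;
        esac
    done
    if [ "$hitcount" -gt "$PKT_LIST_TOT" ]; then
        echo "hitcount $hitcount exceeds ip_pkt_list_tot ($PKT_LIST_TOT)" >&2
        return 1
    fi
    # Rule order inside HTTP_LIMIT matters:
    #  1. --update drops a source that already has HITCOUNT hits recorded
    #     within SECONDS (and refreshes its entry while it keeps trying).
    #  2. --set records this new connection, then RETURN hands the packet
    #     back to INPUT so the existing ruleset decides whether to accept.
    cat <<EOF
*filter
:HTTP_LIMIT - [0:0]
-I INPUT -p tcp --dport $port -m state --state NEW -j HTTP_LIMIT
-A HTTP_LIMIT -m recent --name http_new --update --seconds $seconds --hitcount $hitcount -j DROP
-A HTTP_LIMIT -m recent --name http_new --set -j RETURN
COMMIT
EOF
}
```

After reviewing the output of, for example, `http_limit_rules 80 2 20`, it can be loaded as root by piping it to `iptables-restore --noflush`, which leaves the rules already in place untouched.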
 
  

