09-05-2010, 10:18 PM   #1
walidaly
limit number of connections for a single ip on port 80 to CentOS 5.5


How to limit the number of connections for a single IP on port 80 to CentOS 5.5 with iptables?
connlimit did not work on CentOS, and nginx does not provide a module for that.
 
09-06-2010, 12:50 AM   #2
nullbyte

iptables -I INPUT -p tcp -s 0/0 --sport 513:65535 --dport 80 -m state --state NEW,ESTABLISHED -m recent --set -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP
iptables -A OUTPUT -p tcp -s 0/0 -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

Those rules should do what you want; they work fine for me.
 
09-07-2010, 01:38 AM   #3
walidaly

Thanks nullbyte!
Why do you add --sport 513:65535?
 
09-08-2010, 06:33 AM   #4
kaushalpatel1982

From the 3 lines, your required line is:
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 2 --hitcount 25 -j DROP

The third one is for ssh access.
 
09-09-2010, 12:52 AM   #5
abefroman

Quote:
Originally Posted by walidaly
    Thanks nullbyte!
    Why do you add --sport 513:65535?

Destination port 513-65535 from a source port of 22
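
An added example, not written by any poster in this thread: a simplified Python model of the `recent` match as used by the two port-80 rules in post #2, run over constructed traffic. It assumes the module remembers at most `ip_pkt_list_tot` timestamps per source address (default 20) and that `--update` refreshes an entry only when it matches; the class and function names are hypothetical, and the `--sport` range is ignored.

```python
from collections import deque

class RecentList:
    """Simplified model of one `recent` list (hypothetical class, not kernel code).

    Assumption: at most `pkt_list_tot` timestamps are remembered per source
    address, mirroring the module's ip_pkt_list_tot parameter (default 20).
    """
    def __init__(self, pkt_list_tot=20):
        self.pkt_list_tot = pkt_list_tot
        self.stamps = {}  # source ip -> ring of last-seen times (ms)

    def set(self, ip, now_ms):
        # --set: record the address with the current timestamp
        self.stamps.setdefault(ip, deque(maxlen=self.pkt_list_tot)).append(now_ms)

    def update(self, ip, now_ms, seconds, hitcount):
        # --update --seconds S --hitcount H: match when at least H remembered
        # timestamps fall within the last S seconds; assumed to refresh the
        # entry only when it matches.
        ring = self.stamps.get(ip)
        if ring is None:
            return False
        hits = sum(1 for t in ring if now_ms - t <= seconds * 1000)
        if hits >= hitcount:
            ring.append(now_ms)
            return True
        return False

def filter_port80(packets, pkt_list_tot=20, seconds=2, hitcount=25):
    """Apply the two port-80 rules in evaluation order to (ms, ip, is_new) tuples."""
    table, verdicts = RecentList(pkt_list_tot), []
    for now_ms, ip, is_new in packets:
        # -I puts the later DROP rule first in the chain, so it is checked first.
        if is_new and table.update(ip, now_ms, seconds, hitcount):
            verdicts.append("DROP")
        else:
            table.set(ip, now_ms)  # ACCEPT rule with --set
            verdicts.append("ACCEPT")
    return verdicts

# Constructed traffic: 40 new connections 10 ms apart from one address, then
# one more after a 3 second pause (192.0.2.10 is a documentation address).
BURST = [(i * 10, "192.0.2.10", True) for i in range(40)] + [(3390, "192.0.2.10", True)]

if __name__ == "__main__":
    for tot in (20, 32):
        v = filter_port80(BURST, pkt_list_tot=tot)
        print(f"ip_pkt_list_tot={tot}: {v.count('DROP')} dropped of {len(v)}")
```

Under these assumptions the rules bound the rate of new connections per address rather than the number of concurrent connections, and `--hitcount 25` only takes effect once the remembered-timestamp limit is at least 25.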
 
  


All times are GMT -5.