Tuesday, April 16, 2013

how to limit number of connections to server per second with iptables

# 2 hits per second per ip address

iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 1 --hitcount 2 -j DROP

iptables -A INPUT -p tcp --dport 443 -i eth0 -m state --state NEW -m recent --set
iptables -A INPUT -p tcp --dport 443 -i eth0 -m state --state NEW -m recent --update --seconds 1 --hitcount 2 -j DROP

Posted by unsigned_nerd at 10:40 p.m.
Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)