Limiting number of simultaneous connections

From Notes_Wiki

Revision as of 12:50, 9 November 2012

Limiting number of simultaneous connections using iptables

Using connlimit module

We can use the connlimit module of iptables to limit the number of simultaneous connections to a server in the following manner:

iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 1 -j REJECT

This will allow only one SSH connection to the server per client IP address: the first connection is accepted, and any further connection attempt from the same address is rejected while the first is still open.

To limit the number of simultaneous connections per source subnet rather than per host, add --connlimit-mask with the prefix length of the subnet:

iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT

This would allow at most 16 simultaneous SSH connections from each /24 source network; connection attempts beyond that are rejected until an existing connection from that network closes.
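The two rules above (per-client and per-/24 limits) as an added, re-runnable shell script; this is example code written for this page, not part of the original wiki note. It assumes iptables 1.4.11 or newer (for the `iptables -C` existence check) and a kernel with the xt_connlimit module; port 22 and the limits are the illustrative values from the text. Rules are only applied when run as root with CONNLIMIT_APPLY=1, otherwise the script just prints the commands it would run. A rate-limited LOG rule is inserted ahead of each REJECT so that rejected bursts show up in the kernel log for later review.

```shell
#!/bin/sh
# Added example (not from the original page): build and, as root, apply
# connlimit rules for a TCP port idempotently, with a LOG rule ahead of the
# REJECT so rejected bursts are visible in the kernel log.
# Assumptions: iptables >= 1.4.11 (for `iptables -C`) and the xt_connlimit
# module are available. Port 22 and the limits below are illustrative values.

# Print the match part of a connlimit rule (string only, nothing executed).
# $1 = destination port
# $2 = limit: the rule matches when MORE than this many connections exist
# $3 = prefix length the source is grouped by (32 = per IP, 24 = per /24)
connlimit_match() {
    printf '%s' "-p tcp --syn --dport $1 -m connlimit --connlimit-above $2 --connlimit-mask $3"
}

# Full REJECT command line for the given port/limit/mask (string only).
# tcp-reset tells the client immediately instead of leaving it to time out.
connlimit_rule() {
    printf 'iptables -I INPUT %s -j REJECT --reject-with tcp-reset' \
        "$(connlimit_match "$1" "$2" "$3")"
}

# Insert a rule only if an identical one is not already in INPUT
# (iptables -C exits 0 when it is), so re-running never stacks duplicates.
ensure_rule() {
    iptables -C INPUT "$@" 2>/dev/null || iptables -I INPUT "$@"
}

# Apply REJECT first, then LOG; the second -I lands above the first, so a
# packet over the limit is logged (LOG is non-terminating) and then rejected.
# The -m limit on the LOG rule keeps a flood from filling the kernel log.
apply_connlimit() {
    port=$1; limit=$2; mask=$3
    # Word-splitting of the match string into separate arguments is intended.
    set -- $(connlimit_match "$port" "$limit" "$mask")
    ensure_rule "$@" -j REJECT --reject-with tcp-reset
    ensure_rule "$@" -m limit --limit 5/min -j LOG \
        --log-prefix "connlimit-reject-$port: " --log-level 4
}

if [ "$(id -u)" -eq 0 ] && [ "${CONNLIMIT_APPLY:-0}" = "1" ]; then
    apply_connlimit 22 1 32     # one SSH connection per client IP
    apply_connlimit 22 16 24    # at most 16 SSH connections per /24
    iptables -S INPUT           # show the resulting chain for verification
else
    # Dry run: print what would be inserted.
    connlimit_rule 22 1 32; echo
    connlimit_rule 22 16 24; echo
fi
```

Run it once as `CONNLIMIT_APPLY=1 sh connlimit.sh` to install the rules and again to confirm that `iptables -S INPUT` shows no duplicates; rejected attempts then appear in `dmesg` or the syslog kernel facility with the `connlimit-reject-22:` prefix. Note that these rules are not persisted across reboots on their own; use your distribution's iptables-save/restore mechanism for that.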