David S. Madole wrote:
> 
> If you are talking about the suggestion I made, which looked like this:
> 
> iptables -A INPUT -p tcp --dport 22 \
>          -m state --state NEW \
>          -m recent --update --seconds 60 -j DROP
> 
> iptables -A INPUT -p tcp --dport 22 \
>          -m state --state NEW \
>          -m recent --set -j ACCEPT
> 
> then you did not read it right. It limits to one connection per IP address 
> per minute. Each source address is kept track of in enforcing the limit. 
> Using the --hitcount option in addition to the --seconds option, you can also 
> create limits such as a maximum of four connections in two minutes, etc.
> 
> David

Wow, I never played with recent before but it's quite handy.  Thanks for
pointing this out.  I've already added a number of rules to protect
various things.

schu
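The following is an added example, not code from David, schu or the Cyrus project: a small Python model of the "-m recent" match that replays constructed SSH connection attempts through David's two rules (and through the --hitcount variant he mentions) so you can see what a rule set does before loading it. It assumes the documented xt_recent behaviour: --set always matches and records a timestamp for the source, --rcheck matches when at least --hitcount timestamps (any, if --hitcount is not given) fall inside the last --seconds, --update is --rcheck plus a fresh timestamp whenever it matches, and each address keeps at most 20 timestamps (the ip_pkt_list_tot default). The addresses and timings are made up for the demonstration.

```python
"""Model of iptables' "-m recent" match, used to dry-run SSH rate-limit rules.

Constructed example: replays a list of NEW SSH connection attempts (timestamp, source)
through a rule chain and reports the verdict for each. Assumed xt_recent semantics:
  --set     always matches and records a timestamp for the source
  --rcheck  matches if >= hitcount timestamps fall inside the last `seconds` (hitcount 0 -> any)
  --update  like --rcheck, but a successful match also records a fresh timestamp
  each address keeps at most ip_pkt_list_tot (default 20) timestamps, oldest overwritten
"""
from typing import Dict, List, Tuple

IP_PKT_LIST_TOT = 20  # assumed default of the xt_recent module parameter

Rule = Tuple[str, int, int, str]  # (mode, --seconds, --hitcount, target); 0 = option not given


class RecentList:
    """One named '-m recent' list: source address -> recorded timestamps (seconds)."""

    def __init__(self, max_stamps: int = IP_PKT_LIST_TOT) -> None:
        self.max_stamps = max_stamps
        self.entries: Dict[str, List[float]] = {}

    def _record(self, src: str, now: float) -> None:
        stamps = self.entries.setdefault(src, [])
        stamps.append(now)
        if len(stamps) > self.max_stamps:
            del stamps[0]  # ring buffer: the oldest slot is reused

    def set(self, src: str, now: float) -> bool:
        self._record(src, now)
        return True

    def rcheck(self, src: str, now: float, seconds: int = 0, hitcount: int = 0) -> bool:
        stamps = self.entries.get(src)
        if stamps is None:
            return False  # address never seen: no match
        hits = 0
        for stamp in stamps:
            if seconds and now - stamp > seconds:
                continue  # outside the window, does not count
            hits += 1
            if not hitcount or hits >= hitcount:
                return True
        return False

    def update(self, src: str, now: float, seconds: int = 0, hitcount: int = 0) -> bool:
        matched = self.rcheck(src, now, seconds, hitcount)
        if matched:
            self._record(src, now)  # this refresh is what keeps a hammering client blocked
        return matched


# David's two rules: at most one new SSH connection per source address per minute.
#   iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 -j DROP
#   iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set -j ACCEPT
ONE_PER_MINUTE: List[Rule] = [("update", 60, 0, "DROP"), ("set", 0, 0, "ACCEPT")]

# Same shape with --rcheck: dropped attempts do not restart the 60 s clock.
ONE_PER_MINUTE_RCHECK: List[Rule] = [("rcheck", 60, 0, "DROP"), ("set", 0, 0, "ACCEPT")]

# The --hitcount variant David mentions: at most four new connections per source in two minutes.
#   ... -m recent --update --seconds 120 --hitcount 4 -j DROP
#   ... -m recent --set -j ACCEPT
FOUR_PER_TWO_MINUTES: List[Rule] = [("update", 120, 4, "DROP"), ("set", 0, 0, "ACCEPT")]


def run_chain(rl: RecentList, rules: List[Rule], src: str, now: float) -> str:
    """Walk the rules in order like the INPUT chain; the first match decides the verdict.
    Every rule is assumed to have already matched '-p tcp --dport 22 -m state --state NEW'."""
    for mode, seconds, hitcount, target in rules:
        if mode == "set":
            matched = rl.set(src, now)
        elif mode == "rcheck":
            matched = rl.rcheck(src, now, seconds, hitcount)
        elif mode == "update":
            matched = rl.update(src, now, seconds, hitcount)
        else:
            raise ValueError(f"unknown recent mode {mode!r}")
        if matched:
            return target
    return "FALLTHROUGH"  # no rule matched; later rules or the chain policy decide


def simulate(rules: List[Rule], attempts: List[Tuple[float, str]]) -> List[str]:
    """Replay (timestamp, source) NEW-connection attempts through a fresh list; return verdicts."""
    rl = RecentList()
    return [run_chain(rl, rules, src, now) for now, src in attempts]


if __name__ == "__main__":
    # Constructed traffic: one client (documentation address 203.0.113.5) retrying every 10 s.
    retry_every_10s = [(t, "203.0.113.5") for t in range(0, 80, 10)]
    print("update :", simulate(ONE_PER_MINUTE, retry_every_10s))
    print("rcheck :", simulate(ONE_PER_MINUTE_RCHECK, retry_every_10s))
```

Replaying a client that retries every ten seconds shows the practical difference between the two check modes: with David's --update rule every dropped attempt refreshes the timestamp, so the client stays blocked until it has been quiet for a full minute, whereas with --rcheck it gets back in 60 seconds after its last accepted connection. The --update behaviour is what you want against a brute-forcer, but it also means a legitimate user who keeps retrying prolongs their own lockout.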
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html