Hi all. I have a simple question. Is there a way to limit the number of TCP or UDP connections of a single HOST in my network? For example:

I have a host with IP 192.168.1.202 and he is using edonkey, Kazaa, and Bittorrent at the same time, and he also is infected by a virus that opens more than 500 TCP ports at the same time. So, I want to limit that host to be able to open no more than 30 TCP connections at once, so he wouldn't hurt the other users.

Thanks in advance,
Cristiano Soares
iptables -I FORWARD -s 192.168.1.202 -p tcp --syn -m state --state NEW -m limit --limit 50/s --limit-burst 100 -j ACCEPT
iptables -I FORWARD 2 -s 192.168.1.202 -p tcp --syn -m state --state NEW -j DROP

With UDP things are a bit similar, except you don't need the --syn.

On Mon, 25 Oct 2004 17:45:14 +0000, Rio Martin. <rio@martin.mu> wrote:
> Try connlimit patches from Iptables POM
> www.netfilter.org
>
> - Rio.Martin -

--
Bla bla
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
On 25 October 2004 am 06:05, Cristiano Soares wrote:
> Is there a way to limit the number of TCP or UDP connections of a single HOST in my network?

Try connlimit patches from Iptables POM
www.netfilter.org

- Rio.Martin -
Hello George,

Thanks for adding some more info related to this question.

- Rio.Martin -

On Monday 25 October 2004 15:12, George Alexandru Dragoi wrote:
> iptables -I FORWARD -s 192.168.1.202 -p tcp --syn -m state --state NEW -m limit --limit 50/s --limit-burst 100 -j ACCEPT
> iptables -I FORWARD 2 -s 192.168.1.202 -p tcp --syn -m state --state NEW -j DROP
>
> With UDP things are a bit similar, except you don't need the --syn.
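The two suggestions in this thread do different things, and the difference matters for the original question. George's rule pair uses the limit match, a token bucket on the rate of new connections (50 per second, burst 100); it does not bound how many connections the host has open at once, so a slow-but-steady worm stays under it while still holding hundreds of sockets. Rio's connlimit match counts the conntrack entries from a source address and drops new SYNs once that count exceeds a threshold, which is the "no more than 30 at once" behaviour Cristiano asked for. In 2004 connlimit came from the netfilter patch-o-matic tree; since kernel 2.6.23 it ships in mainline as xt_connlimit and `-m connlimit` is available in any stock iptables. The script below is an added example written for this thread, not code posted by any of its participants or by the netfilter project. It assumes a Linux router that forwards 192.168.1.202's traffic (the rules live in FORWARD, so they do nothing if the router is not in the path), and it lets `IPT` be overridden so the rules can be printed instead of applied.

```shell
#!/bin/sh
# Added example for the LARTC thread above; not from the original posts.
# Assumes: Linux router in the forwarding path, iptables with the
# connlimit match (patch-o-matic in 2004, mainline xt_connlimit since
# kernel 2.6.23). Set IPT=echo to print the rules instead of applying them.

# Cap the number of *concurrent* connections from one host: what the
# original question asked for. connlimit counts existing conntrack entries
# from the source address; the SYN that would push the count above $max is
# dropped, existing connections are untouched.
connlimit_rules() {
    host="$1"; max="$2"
    ${IPT:-iptables} -I FORWARD 1 -s "$host" -p tcp --syn -m state --state NEW \
        -m connlimit --connlimit-above "$max" --connlimit-mask 32 -j DROP
    # UDP has no SYN, so count NEW conntrack entries instead. Modern
    # xt_connlimit is protocol-independent; the 2004 POM match was TCP-only.
    ${IPT:-iptables} -I FORWARD 2 -s "$host" -p udp -m state --state NEW \
        -m connlimit --connlimit-above "$max" --connlimit-mask 32 -j DROP
}

# George's rule pair from the thread, unchanged in substance: a token
# bucket on the *rate* of new TCP connections. Excess SYNs beyond
# $rate (e.g. 50/s) and $burst are dropped, but nothing stops the host
# from accumulating as many open connections as it likes under that rate.
ratelimit_rules() {
    host="$1"; rate="$2"; burst="$3"
    ${IPT:-iptables} -I FORWARD 1 -s "$host" -p tcp --syn -m state --state NEW \
        -m limit --limit "$rate" --limit-burst "$burst" -j ACCEPT
    ${IPT:-iptables} -I FORWARD 2 -s "$host" -p tcp --syn -m state --state NEW -j DROP
}

# Show the FORWARD rules that mention the host, with packet/byte counters,
# to check that the DROP rule is actually firing.
show_rules() {
    ${IPT:-iptables} -L FORWARD -n -v --line-numbers | grep -- "$1"
}

# Usage: sh limit-host.sh 192.168.1.202 30
if [ $# -ge 2 ]; then
    connlimit_rules "$1" "$2"
    show_rules "$1"
fi
```

Two checks worth running after applying the connlimit rules: `conntrack -L -s 192.168.1.202 | wc -l` (from conntrack-tools) shows how many entries the kernel is currently counting for the host, and the packet counter on the DROP rule in `show_rules` should climb as soon as the host tries to go past the cap. Note that the cap protects the other users of the link; it does not clean the infected machine, which will keep hammering the router with SYNs until it is fixed.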