how to get rid of maximum requests

Protecting your Linux box
Post Reply
ranatanveer
Subedar
Posts: 355
Joined: Sat May 07, 2005 11:54 am
Location: Lahore
Contact:

how to get rid of maximum requests

Post by ranatanveer »

Helo Every one
i am running a small network for web surfing (cable net) with fedora core 3 and linux-2.6.5-1.358. i have a problem with one of my node (10.0.0.17). and this ip is generating the maximum of requests i want to limit its request throug iptables. could any one tell me the specified chain to do this.
for example
# netstat -an | grep 10.0.0.17 | grep tcp | wc -l
159
i just want it should be in between 25 to 50. is there any way ?
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Post by LinuxFreaK »

Dear ranatanveer,
Salam,

# iptables -N FLOOD
# iptables -A INPUT -p tcp --syn -j FLOOD
# iptables -A FLOOD -m limit --limit 1/s --limit-burst 3 -j RETURN
# iptables -A FLOOD -j DROP


Best Regards.
Farrukh Ahmed
ranatanveer
Subedar
Posts: 355
Joined: Sat May 07, 2005 11:54 am
Location: Lahore
Contact:

Post by ranatanveer »

Thankyou Guru
if i would like to add the IP address of the node,

# iptables -A FLOOD -s 10.0.0.17 -m limit --limit 1/s --limit-burst 3 -j RETURN

is that ok ??
regards
shakirz1
Battalion Quarter Master Havaldaar
Posts: 207
Joined: Sat Aug 09, 2003 5:00 pm
Location: Karachi
Contact:

Post by shakirz1 »

LinuxFreaK:

after apply this script, how many connection can be created by user ?

becoz one of our user share this connection in his office for 5 pc.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Post by LinuxFreaK »

Dear shakirz1,
Salam,

Maximum Burst of 3 Packets.

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Post by LinuxFreaK »

Dear ranatanveer,
Salam,
ranatanveer wrote:if i would like to add the IP address of the node,

# iptables -A FLOOD -s 10.0.0.17 -m limit --limit 1/s --limit-burst 3 -j RETURN

is that ok ??
Yeah its look fine.

Best Regards.
Farrukh Ahmed
ranatanveer
Subedar
Posts: 355
Joined: Sat May 07, 2005 11:54 am
Location: Lahore
Contact:

Post by ranatanveer »

Thank you Guru
Post Reply