Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] iptables and limit
Il 18:03, martedì 5 febbraio 2002, Carlos ha scritto:
> i have begined to use iptables in a suse 7.3.
> is tehre any form to limmit the number of petitions to a web server?
> if i only want to server one petition per minute, can i make this with
> iptables?
> thanks

I guess that you call "petition to a web server" a connection attempt to
apache or another httpd.
Well, all you have to do is working with syn packets. It works with tcp
connections only, but I think you are not interested in udp yet.

These 2 rules should work like you are requesting:

iptables -A INPUT -m limit --limit 1/minute -p tcp --syn --destination-port
80 -j ACCEPT
iptables -A INPUT -p tcp --syn --destination-port 80 -j DROP

I do not know if there is a way to do that with Suse Firewall or Suse
Firewall2. Please, before using firewalling, see the documentation online and
on the web. (Look for netfilter)

Praise

< Previous Next >
This Thread
  • No further messages