iptables dos limit for all ports
Posted by user973917 on Server Fault
Published on 2012-04-11T05:03:26Z
I know how to use the limit conntrack option to allow for DoS protection. However, I want to add a protection to limit to no more than, say, 50 connections for each port. How can I do this?
Basically, I want to make sure that each port can have no more than 50 connections, rather than globally applying 50 connections (which is what #2 does, I believe?)
Would I do something like:
iptables -A INPUT --dport 1:65535 -m limit --limit 50/minute --limit-burst 50 -j ACCEPT
or
iptables -A INPUT -m limit --limit 50/minute --limit-burst 50 -j ACCEPT
© Server Fault or respective owner
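An added illustration (not part of the original post, and not iptables code) of the difference the question turns on: `-m limit` keeps one token bucket for the whole rule, while `-m hashlimit --hashlimit-mode dstport` keeps one bucket per destination port. Both are rate limits on matching packets rather than caps on concurrent connections. The class and function names are hypothetical and the traffic is constructed.

```python
# Added example: models the token-bucket matching behind "-m limit" and
# "-m hashlimit --hashlimit-mode dstport". Names and traffic are constructed.
from collections import defaultdict

RATE_PER_SEC = 50 / 60.0   # 50/minute, as in the question
BURST = 50                 # --limit-burst 50


class TokenBucket:
    """Bucket starts full; one token per matched packet; refills at the rate."""

    def __init__(self, rate=RATE_PER_SEC, burst=BURST):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = 0.0

    def match(self, now):
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False   # rule does not match; packet falls through to later rules


def simulate(packets, per_port):
    """Return {dport: number of packets matched by the ACCEPT rule}."""
    shared = TokenBucket()                 # single bucket: "-m limit"
    buckets = defaultdict(TokenBucket)     # bucket per dport: hashlimit dstport mode
    accepted = defaultdict(int)
    for ts, dport in packets:
        bucket = buckets[dport] if per_port else shared
        if bucket.match(ts):
            accepted[dport] += 1
    return dict(accepted)


# Constructed traffic: 200 new connections to port 80 within one second,
# then 5 to port 22 shortly afterwards.
TRAFFIC = [(i * 0.005, 80) for i in range(200)] + \
          [(1.0 + i * 0.01, 22) for i in range(5)]

if __name__ == "__main__":
    print("one bucket for the rule:", simulate(TRAFFIC, per_port=False))
    print("one bucket per dport   :", simulate(TRAFFIC, per_port=True))
```

With the single shared bucket, the burst to port 80 uses up every token and none of the port 22 packets match; with per-port buckets, port 22 is unaffected by the load on port 80.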