Iptables question : need help =)

 
 
mcd

 
      07-31-2004, 10:25 AM
Hi all,

Does anybody know if it is possible to use iptables rules to allow only N
sockets open per user, or deny the connection to a new socket if N are
already open?

Thanks a lot,
an answer would really help me ;-)

Mike


 
 
 
 
 
Juha Laiho

 
      07-31-2004, 10:47 AM
"mcd" <(E-Mail Removed)> said:
>Does anybody know if it is possible to use iptables rules to allow only N
>sockets open per user, or deny the connection to a new socket if N are
>already open?


As far as I know, there isn't such functionality. What is it that you're
attempting to achieve (so, what you're trying to achieve with this
limitation)?
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
 
 
Peter O

 
      07-31-2004, 04:11 PM
"mcd" <(E-Mail Removed)> wrote in message news:<cefs43$9nk$(E-Mail Removed)>...
> Hi all,
>
> Does anybody know if it is possible to use iptables rules to allow only N
> sockets open per user, or deny the connection to a new socket if N are
> already open?
>
> Thanks a lot,
> an answer would really help me ;-)
>
> Mike
> (E-Mail Removed)


Hi Mike,

Please have a look at the --limit and --limit-burst flags (iptables). By
using them on SYN packets you might be able to set a policy that will do
something similar to what you want to achieve.

Cheers,
Peter
www.dialore.com
 
 
Morten Isaksen

 
      07-31-2004, 07:18 PM
On Sat, 31 Jul 2004 10:47:02 GMT, Juha Laiho wrote:

> "mcd" <(E-Mail Removed)> said:
>>Does anybody know if it is possible to use iptables rules to allow only N
>>sockets open per user, or deny the connection to a new socket if N are
>>already open?
>
> As far as I know, there isn't such functionality. What is it that you're
> attempting to achieve (so, what you're trying to achieve with this
> limitation)?


There is a module to iptables that can do that. Check for connlimit at
http://www.netfilter.org/patch-o-matic/pom-base.html.

It is not part of the standard kernel.

It is very useful to stop p2p users from making too many connections.

--
Morten Isaksen
http://www.aub.dk/~misak/
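
Added example (not part of any post in this thread): a simplified Python model of the two matches suggested above, showing that --limit/--limit-burst bounds the rate of new connections while connlimit bounds how many are open at once. The function names, the event lists and the values 1/s, burst 3 and cap 3 are constructed for illustration; the real connlimit match counts connections per source address, not per local user.

```python
# Constructed model, not code from the thread. The match fragments being
# modelled (values assumed):
#   -p tcp --syn -m limit --limit 1/s --limit-burst 3
#   -p tcp --syn -m connlimit --connlimit-above 3

def token_bucket(rate, burst):
    """Rate model: `burst` tokens at start, refilled at `rate` per second."""
    state = {"tokens": float(burst), "last": 0.0}
    def allow(now, live):
        elapsed = now - state["last"]
        state["tokens"] = min(burst, state["tokens"] + elapsed * rate)
        state["last"] = now
        if state["tokens"] >= 1:
            state["tokens"] -= 1
            return True
        return False
    return allow

def conn_cap(n):
    """Concurrency model: accept only while fewer than `n` connections are open."""
    return lambda now, live: len(live) < n

def run(events, allow):
    """Replay (time, action, conn_id) events; return (accepted ids, peak open)."""
    live, accepted, peak = set(), [], 0
    for now, action, cid in events:
        if action == "open" and allow(now, live):
            live.add(cid)
            accepted.append(cid)
            peak = max(peak, len(live))
        elif action == "close":
            live.discard(cid)
    return accepted, peak

# Constructed traffic from one source address.
# Six long-lived connections, one every 2 s, never closed.
SLOW_LONG = [(2.0 * i, "open", i) for i in range(6)]
# Five short connections 0.1 s apart, each closed before the next opens.
FAST_SHORT = []
for i in range(5):
    FAST_SHORT += [(0.1 * i, "open", i), (0.1 * i + 0.05, "close", i)]

if __name__ == "__main__":
    for name, events in (("slow/long", SLOW_LONG), ("fast/short", FAST_SHORT)):
        print(name, "limit:", run(events, token_bucket(1.0, 3)),
              "connlimit:", run(events, conn_cap(3)))
```

With these inputs the rate model admits all six long-lived connections (six open at once) but only three of the five short ones, while the concurrency model admits three of the long-lived ones and all five short ones.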
 