SBDavid
Nov 1st, 2011
Using hashlimit in iptables
iptables -I INPUT -p tcp --dport 23032 -m state --state NEW -m hashlimit --hashlimit-upto 1/min --hashlimit-burst 5 --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT
This rule accepts new TCP connections to port 23032 (where this host's SSH daemon listens) at an average of one per minute per source address. Two things are easy to miss. First, --hashlimit-upto (spelled --hashlimit in older iptables versions) only bounds the average: --hashlimit-burst, which defaults to 5 and is written out explicitly above, lets a source that has been quiet open five connections at once before the one-per-minute rate bites. Second, the rule only ACCEPTs the packets within the limit; what happens to the excess is decided by the rules after it or by the chain policy, so a later rule must drop or reject NEW connections to the same port, and because -I puts this rule at the top of INPUT that drop rule has to sit below it. The --hashlimit-name picks the file under /proc/net/ipt_hashlimit/ where the per-source state can be inspected.
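To make the burst and expiry behaviour concrete, here is a small model of the hashlimit match applied to the rule above. It is an added illustration, not code from iptables or xt_hashlimit: one token bucket per source (or per source prefix with --hashlimit-srcmask), a full bucket of --hashlimit-burst tokens for a source not yet in the table, refill at the --hashlimit-upto rate, and entries forgotten after --hashlimit-htable-expire seconds of silence. The second DROP rule in the chain, the packet timeline and the addresses are constructed for the example; garbage collection is modelled as happening exactly at expiry rather than on the --hashlimit-htable-gcinterval tick.

```python
"""Model of -m hashlimit for the SSH rule above (illustration, not iptables code)."""
import ipaddress
from dataclasses import dataclass

# suffixes accepted after the "/" in --hashlimit-upto, in seconds
UNIT_SECONDS = {"sec": 1, "second": 1, "min": 60, "minute": 60,
                "hour": 3600, "day": 86400}


def seconds_per_token(spec):
    """'1/min' -> 60.0, '20/sec' -> 0.05, '5' -> 0.2 (bare number = per second)."""
    if "/" in spec:
        count, unit = spec.split("/", 1)
        return UNIT_SECONDS[unit] / int(count)
    return 1.0 / int(spec)


@dataclass
class Entry:
    tokens: float   # credit left; a full bucket holds `burst` tokens
    last: float     # time of the last packet that touched this entry


class Hashlimit:
    """One bucket per source prefix, as --hashlimit-mode srcip would keep."""

    def __init__(self, upto="1/min", burst=5, srcmask=32, expire=None):
        self.period = seconds_per_token(upto)   # seconds until one token returns
        self.burst = burst
        self.srcmask = srcmask
        # seconds of idleness after which the entry is dropped
        # (--hashlimit-htable-expire); None means "never", used only for contrast
        self.expire = expire
        self.table = {}

    def key(self, src):
        # --hashlimit-srcmask N makes every address in the same /N share a bucket
        return ipaddress.ip_network(f"{src}/{self.srcmask}", strict=False)

    def matches(self, src, now):
        """True when the packet is within the limit, i.e. the -j ACCEPT fires."""
        k = self.key(src)
        e = self.table.get(k)
        if e is not None and self.expire is not None and now - e.last > self.expire:
            e = None   # reaped: the source is a stranger again
        if e is None:
            # a fresh entry starts with a full burst, so the first `burst`
            # packets from an unknown source are all accepted at once
            e = self.table[k] = Entry(float(self.burst), now)
        e.tokens = min(float(self.burst), e.tokens + (now - e.last) / self.period)
        e.last = now
        if e.tokens >= 1.0:
            e.tokens -= 1.0
            return True
        return False


def run_chain(limiter, packets):
    """Verdict for each NEW SYN to port 23032 under an assumed two-rule chain:
         1. -m hashlimit ... -j ACCEPT                        (the rule on this page)
         2. -p tcp --dport 23032 -m state --state NEW -j DROP  (assumed follow-up rule)
    packets is a list of (seconds, source_ip); the result is one verdict per packet."""
    return ["ACCEPT" if limiter.matches(src, t) else "DROP" for t, src in packets]


# Constructed timeline: one host fires seven SYNs at once, comes back at 60 s
# and 61 s, a neighbour in the same /24 tries at 61 s, then the first host
# fires five more after a minute of silence.
PACKETS = ([(0, "203.0.113.10")] * 7
           + [(60, "203.0.113.10"), (61, "203.0.113.10"), (61, "203.0.113.20")]
           + [(122, "203.0.113.10")] * 5)


def demo_default():
    """The rule as written: burst 5, entries never expire."""
    return run_chain(Hashlimit("1/min", burst=5), PACKETS)


def demo_short_expire():
    """Same rule, but entries reaped after 60 s idle: the bucket refills early."""
    return run_chain(Hashlimit("1/min", burst=5, expire=60), PACKETS)


def demo_strict():
    """Burst 1 and /24 grouping: the neighbour shares the first host's bucket."""
    return run_chain(Hashlimit("1/min", burst=1, srcmask=24), PACKETS)


if __name__ == "__main__":
    for name, fn in (("default", demo_default), ("expire=60", demo_short_expire),
                     ("burst=1 /24", demo_strict)):
        print(f"{name:12s}", " ".join(v[0] for v in fn()))
```

The default run shows the burst of five going through untouched and then exactly one more connection per minute; the short-expiry run shows why --hashlimit-htable-expire matters: once the entry is forgotten, the same source is treated as new and gets a fresh burst of five after only a minute of silence. If the expiry is not set explicitly, check what your iptables version chooses (iptables -m hashlimit --help, or the saved rule in iptables -S) and set it to at least burst times the rate period, here five minutes, so that a quiet attacker cannot refill faster than the rate allows.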
hashlimit match options:
--hashlimit-upto rate            max average match rate
                                 (packets per second unless followed by a
                                 /sec, /minute, /hour or /day postfix)
--hashlimit-above rate           min average match rate
--hashlimit-mode mode            mode is a comma-separated list of
                                 dstip,srcip,dstport,srcport (or none)
--hashlimit-srcmask length       source address grouping prefix length
--hashlimit-dstmask length       destination address grouping prefix length
--hashlimit-name name            name for /proc/net/ipt_hashlimit
--hashlimit-burst number         number to match in a burst, default 5
--hashlimit-htable-size number   number of hashtable buckets
--hashlimit-htable-max number    number of hashtable entries
--hashlimit-htable-gcinterval ms interval between garbage collection runs
--hashlimit-htable-expire ms     after which time idle entries are expired
