On 2/22/21 1:01 AM, lists@for-privacy.net wrote:
Multiport example:
# Up to 15 ports can be specified. A port range (port:port) counts as two ports.
# Drop incoming connections which make more than 10 connection attempts upon ports x-y within 1 minute
-A INPUT -p tcp -m multiport --dports xx:yy -m state --state NEW -m recent --name syfloo --set
-A INPUT -p tcp -m multiport --dports xx:yy -m state --state NEW -m recent --name syfloo --update --seconds 60 --hitcount 10 -j DROP
Yeah, cool, I do wonder if "-m multiport --dports xx:yy" is needed?
--connlimit-upto & --connlimit-above look interesting too.
That I never got to work.
-- Toralf
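
The two "recent" rules quoted above, as an added example that is not part of the original thread: a simplified Python model of how the --set rule and the --update --seconds 60 --hitcount 10 rule interact for one source address. It shows that the 10th NEW attempt inside the window is the first one dropped. The class and function names, the source address and the arrival times are constructed for illustration, and the model ignores the kernel's per-entry stamp limit.

```python
from collections import defaultdict

WINDOW = 60      # --seconds 60
HITCOUNT = 10    # --hitcount 10


class RecentList:
    """Simplified model of one xt_recent list (here: --name syfloo)."""

    def __init__(self):
        self.stamps = defaultdict(list)   # source IP -> timestamps seen

    def set(self, src, now):
        # Rule 1 (--set): record the packet; the rule has no -j target,
        # so the packet always continues to rule 2.
        self.stamps[src].append(now)

    def update(self, src, now, seconds=WINDOW, hitcount=HITCOUNT):
        # Rule 2 (--update --seconds --hitcount): match when at least
        # `hitcount` stamps fall inside the last `seconds`.
        recent = [t for t in self.stamps[src] if now - t <= seconds]
        self.stamps[src] = recent          # model only: forget older stamps
        if len(recent) >= hitcount:
            self.stamps[src].append(now)   # a matching --update refreshes "last seen"
            return True
        return False


def verdicts(arrivals, src="192.0.2.10"):
    """Run NEW connection attempts (times in seconds) through both rules.

    "PASS" means the packet was not dropped here and goes on to later rules.
    """
    table, out = RecentList(), []
    for now in arrivals:
        table.set(src, now)
        out.append("DROP" if table.update(src, now) else "PASS")
    return out


# Constructed input: 12 attempts in 12 seconds, then one retry much later.
BURST = verdicts(list(range(12)) + [200])
# Constructed input: one attempt every 7 seconds never has 10 stamps in 60 s.
SLOW = verdicts(range(0, 140, 7))

if __name__ == "__main__":
    print(BURST)
    print(SLOW)
```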