I have the following iptables rules here:
# Tor
#
dirport=80
orport=443

$IPT -A INPUT -p tcp --destination-port $dirport --match conntrack --ctstate NEW --match connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP
$IPT -A INPUT -p tcp --destination-port $orport --match conntrack --ctstate NEW --match connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP
which seems to work fine. An
$> ip6tables -nvL
gives
14110  746K DROP  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:80 ctstate NEW #conn src/32 > 1
 230K   14M DROP  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:443 ctstate NEW #conn src/32 > 1
after a few days, so I would just like to ask here if the rules above are fine or if I overlooked something?
--
Toralf
PGP C4EACDDE 0076E94E
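
Added example (not part of the original message): a small Python parser for the connlimit rows of the `-nvL` listing quoted above. It expands the K/M counter suffixes and reports drops per destination port. The function and field names are assumptions made for this illustration, and the sample rows are re-typed from the message.

```python
import re

# Constructed sample: the two rule rows from the listing in the message.
SAMPLE = """\
14110  746K DROP  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:80 ctstate NEW #conn src/32 > 1
 230K   14M DROP  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:443 ctstate NEW #conn src/32 > 1
"""

# iptables -v abbreviates large counters with decimal (x1000) suffixes and
# rounds them, so expanded values are approximate.
SUFFIX = {"": 1, "K": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}

ROW = re.compile(
    r"^\s*(?P<pkts>\d+)(?P<ps>[KMGT]?)\s+(?P<bytes>\d+)(?P<bs>[KMGT]?)\s+"
    r"(?P<target>\S+)\s+(?P<proto>\S+)\s.*?dpt:(?P<dport>\d+)"
    r".*?#conn src/(?P<mask>\d+) > (?P<limit>\d+)"
)

def parse_connlimit_rows(text):
    """Return one dict per connlimit rule row found in `-nvL` output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # chain headers, column titles, rules without connlimit
        pkts = int(m["pkts"]) * SUFFIX[m["ps"]]
        nbytes = int(m["bytes"]) * SUFFIX[m["bs"]]
        rows.append({
            "target": m["target"],
            "dport": int(m["dport"]),
            "mask": int(m["mask"]),      # --connlimit-mask
            "limit": int(m["limit"]),    # --connlimit-above
            "packets": pkts,
            "bytes": nbytes,
            # Mean size of a matched packet; SYN-sized values are expected
            # for a rule restricted to ctstate NEW.
            "avg_bytes": nbytes / pkts if pkts else 0.0,
        })
    return rows

if __name__ == "__main__":
    for r in parse_connlimit_rows(SAMPLE):
        print(f"dpt:{r['dport']} {r['target']} >{r['limit']} conn per /{r['mask']}: "
              f"{r['packets']} pkts, ~{r['avg_bytes']:.1f} bytes/pkt")
```
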