-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I do have the following iptables rule here : # Tor # dirport=80 orport=443 $IPT -A INPUT -p tcp --destination-port $dirport --match conntrack --ctstate NEW --match connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP $IPT -A INPUT -p tcp --destination-port $orport --match conntrack --ctstate NEW --match connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP which seems to work fine. An $> ip6tables -nvL gives 14110 746K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ctstate NEW #conn src/32 > 1 230K 14M DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ctstate NEW #conn src/32 > 1 after few days so I do just like to ask here if the rules above are fine or if I overllooked something ? - -- Toralf PGP C4EACDDE 0076E94E -----BEGIN PGP SIGNATURE----- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWZM4sxccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTqnGAQCPr7gkpaxRD3spzKp49l53A2H0 YOzXrw8G8vR8BtHZPQD+NE4Zhf7Y0w0JtKqy6E5bSowikeSJsKSDur8zxO+kf8E= =UPak -----END PGP SIGNATURE-----