block input hammering from the same ip source address

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 These are iptables rules (ipv4) for my exit relay: IPT="/sbin/iptables" # Tor # $IPT -A INPUT -p tcp --destination-port 80 --match conntrack --ctstate NEW --match connlimit --connlimit-above 2 --connlimit-mask 32 -j DROP $IPT -A INPUT -p tcp --destination-port 443 --match conntrack --ctstate NEW --match connlimit --connlimit-above 2 --connlimit-mask 32 -j DROP # $IPT -A INPUT -p tcp --destination-port 80 -j ACCEPT $IPT -A INPUT -p tcp --destination-port 443 -j ACCEPT For the first 2 I do wonder if there's something I should consider too ? - -- Toralf PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EAREIAAYFAlfEh1wACgkQxOrN3gB26U4C2QD/Uvptq50hLXDbgLBwfKOWX60D 0ezIAtlBiXdjI86IeZkA/0ZW847biWDw3e51xLZpxGskA1aoD2mhz+xIbXvFMS/h =ZFV5 -----END PGP SIGNATURE-----
participants (1)
-
Toralf Förster