How to restrict concurrent parallel sessions on Linux
You can restrict the number of parallel sessions opened by external servers. The steps are below:
1. Log in as the root user
2. View the current rules:
iptables -L
View the numbered rules:
iptables -L --line-numbers
3. Edit the rc.local file (adding a static rule):
vi /etc/rc.local
For example, add a rule that allows only 5 concurrent sessions on port 80 from source IP 192.168.6.1:
iptables -A INPUT -s 192.168.6.1 -p tcp --syn --dport 80 -m connlimit --connlimit-above 5 -j REJECT --reject-with tcp-reset
4. Add it in the terminal (adding a dynamic rule):
iptables -A INPUT -s 192.168.6.1 -p tcp --syn --dport 80 -m connlimit --connlimit-above 5 -j REJECT --reject-with tcp-reset
That's it!
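Steps 3 and 4 use the same rule, and each run of iptables -A appends another copy, so the sketch below adds the rule only when iptables -C reports it is not already loaded. It is an added example, not part of the original post; the function names, the IPT variable and the "apply" argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: apply the connlimit rule from the steps above without duplicating it.
# IPT is an assumption of this example; override it to test without touching the firewall.
IPT="${IPT:-iptables}"

# Build the rule specification (everything after the chain name).
# $1 = source IP, $2 = destination port, $3 = allowed concurrent connections
connlimit_spec() {
    printf '%s' "-s $1 -p tcp --syn --dport $2 -m connlimit --connlimit-above $3 -j REJECT --reject-with tcp-reset"
}

# Append the rule to INPUT only if an identical rule is not already loaded.
# Prints "present" or "added"; returns 2 when the port or limit is not numeric.
ensure_connlimit() {
    for n in "$2" "$3"; do
        case "$n" in
            ''|*[!0-9]*) echo "port and limit must be numeric" >&2; return 2 ;;
        esac
    done
    spec=$(connlimit_spec "$1" "$2" "$3")
    # $spec is left unquoted on purpose so it splits into separate arguments.
    # iptables -C exits 0 when a matching rule already exists in the chain.
    if $IPT -C INPUT $spec 2>/dev/null; then
        echo "present"
    else
        $IPT -A INPUT $spec && echo "added"
    fi
}

# Run as: sh script.sh apply   (needs root, as in step 1)
if [ "${1:-}" = "apply" ]; then
    ensure_connlimit 192.168.6.1 80 5
fi
```

Calling the script with "apply" from rc.local and again from a terminal leaves a single copy of the rule in the INPUT chain.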
To delete a rule, use the command below:
iptables -D INPUT N
where N is the number of the rule. You can find the rule number with the command:
iptables -L --line-numbers