Monday, 5 March 2012

Rate-limiting by time with iptables


# Allow connections to webserver, 512/sec, as I said, small server
-A INPUT -m tcp -p tcp --dport 80 -m state --state NEW -m limit --limit 512/s --limit-burst 512 -j ACCEPT
# Allow SSL connections to webservers, same as port 80
-A INPUT -m tcp -p tcp --dport 443 -m state --state NEW -m limit --limit 512/s --limit-burst 512 -j ACCEPT
# Allow connections to mail server, small traffic, 10/s should be more than enough
-A INPUT -m tcp -p tcp --dport 25 -m state --state NEW -m limit --limit 10/s --limit-burst 10 -j ACCEPT
# Allow TLS connections to mail server
-A INPUT -m tcp -p tcp --dport 465 -m state --state NEW -m limit --limit 10/s --limit-burst 10 -j ACCEPT
# Allow connections to IMAP4 server
-A INPUT -m tcp -p tcp --dport 143 -m state --state NEW -m limit --limit 10/s --limit-burst 10 -j ACCEPT
# Allow connections to IMAPS server
-A INPUT -m tcp -p tcp --dport 993 -m state --state NEW -m limit --limit 10/s --limit-burst 10 -j ACCEPT
# Allow connections to sieve server
-A INPUT -m tcp -p tcp --dport 4190 -m state --state NEW -m limit --limit 3/min --limit-burst 3 -j ACCEPT
COMMIT
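
The `limit` match used in the rules above keeps one token bucket per rule, shared by every source address. The following sketch is an added example, not part of the original post: it is an idealised model of that bucket for the port 4190 rule (3/min, burst 3), compared with per-source buckets, which is what the `hashlimit` match with `--hashlimit-mode srcip` provides. The addresses, timings and function names are constructed for illustration.

```python
from fractions import Fraction

UNITS = {"second": 1, "minute": 60, "hour": 3600, "day": 86400}

def parse_limit(spec):
    """Turn an iptables --limit value such as '3/min' into tokens per second."""
    count, unit = spec.split("/")
    for name, seconds in UNITS.items():
        if name.startswith(unit.lower()):   # iptables accepts abbreviations
            return Fraction(int(count), seconds)
    raise ValueError(f"unknown unit in {spec!r}")

def simulate(limit, burst, arrivals, per_source=False):
    """Return one verdict per (time_s, source) arrival: True means the rule
    matched (ACCEPT), False means the packet fell through to the next rule."""
    rate = parse_limit(limit)
    buckets = {}                      # key -> (tokens, time of last packet)
    verdicts = []
    for t, src in arrivals:
        key = src if per_source else "shared"
        tokens, last = buckets.get(key, (Fraction(burst), t))
        # Refill for the elapsed time, never above --limit-burst.
        tokens = min(Fraction(burst), tokens + rate * (t - last))
        matched = tokens >= 1
        if matched:
            tokens -= 1               # each matching packet costs one token
        buckets[key] = (tokens, t)
        verdicts.append(matched)
    return verdicts

# Constructed sample: NEW connections to port 4190 (rule: 3/min, burst 3).
# 192.0.2.10 connects once per second; 198.51.100.7 connects once at t=5.
ARRIVALS = [(t, "192.0.2.10") for t in range(5)] + [(5, "198.51.100.7")]

def accepted_sources(per_source):
    """Sources whose connection attempts were accepted, in arrival order."""
    verdicts = simulate("3/min", 3, ARRIVALS, per_source)
    return [src for (_, src), ok in zip(ARRIVALS, verdicts) if ok]

if __name__ == "__main__":
    print("shared bucket (-m limit):", accepted_sources(False))
    print("per-source buckets      :", accepted_sources(True))
```

With the shared bucket the second client is not matched at t=5 because the first client has already used the burst; what happens to it then depends on the rules and chain policy that follow, which this excerpt does not show.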
