Ramin Alidousti wrote:
>
> > See the recent module.
> >
> > Here's what I do:
> >
> > $IPTABLES -v -A INPUT -p tcp --source $OUTSIDE -m recent --hitcount 10
> > --update --seconds 60 -j LOGDROP
>
> You may want to tweak the 'hitcount' as some pages do have more than 10
> components to fetch...

Would an http server create a new TCP connection to the client, though? I always thought http was a "pull" thing - the client initiated the connection, which would not be matched by the above rule. Maybe I misunderstood recent - I thought it only matched SYN tcp packets.

--Yan

>
> Ramin
>

--
Daddy, did all the hair that fell off your head stick to your arms?
Akari, age 4
4:58am up 9 days, 22:26, 19 users
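
Added example, not part of the original thread: a simplified Python model of a `--set` / `--update --seconds 60 --hitcount 10` rule pair. It shows that the recent match counts every packet the rest of the rule lets through, so segments of an established connection only stop counting when the rule also carries a match such as `--syn`. The `--set` rule, the `run` helper and both packet traces are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

PKT_LIST_TOT = 20  # timestamps kept per address (module default ip_pkt_list_tot)


class RecentList:
    """Simplified model of one 'recent' list keyed by source address."""

    def __init__(self):
        self.stamps = defaultdict(lambda: deque(maxlen=PKT_LIST_TOT))

    def set(self, src, now):
        # --set: record a hit; the rule has no target, so traversal continues.
        self.stamps[src].append(now)

    def update(self, src, now, seconds, hitcount):
        # --update --seconds S --hitcount N: match when at least N recorded hits
        # fall inside the last S seconds; a match records one more hit.
        hits = sum(1 for t in self.stamps.get(src, ()) if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[src].append(now)
            return True
        return False


def run(packets, syn_only, seconds=60, hitcount=10):
    """Return the indexes of packets the --update rule would hand to its target.

    packets: list of (time, source address, is_syn) tuples.
    syn_only: True models both rules carrying '-p tcp --syn' (an assumption,
    the rule quoted in the thread has no such match).
    """
    recent, dropped = RecentList(), []
    for i, (now, src, is_syn) in enumerate(packets):
        if syn_only and not is_syn:
            continue  # non-SYN segments never reach the recent match
        recent.set(src, now)
        if recent.update(src, now, seconds, hitcount):
            dropped.append(i)
    return dropped


# Constructed trace 1: a single connection, one SYN then 14 further segments.
ONE_CONN = [(0.0, "192.0.2.10", True)] + [
    (0.1 * k, "192.0.2.10", False) for k in range(1, 15)
]
# Constructed trace 2: twelve new connections (SYNs) in twelve seconds.
MANY_CONNS = [(float(k), "198.51.100.7", True) for k in range(12)]

if __name__ == "__main__":
    print("all packets counted, one connection:", run(ONE_CONN, syn_only=False))
    print("SYN only, one connection:           ", run(ONE_CONN, syn_only=True))
    print("SYN only, twelve connections:       ", run(MANY_CONNS, syn_only=True))
```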