Dan NAE wrote:

>lonely wolf wrote:
>  
>
>>Marius Stan wrote:
>>
>>
>>    
>>
>>>>Yes, by hand: for i in $IpsWithStickyFingers; do iptables -m;done
>>>>alternatively you can use `seq 1 255` :)
>>>>
>>>>
>>>>        
>>>>
>>>eh, by "per IP" I was thinking of a single rule, not 255 :o)
>>>
>>>
>>>      
>>>
>>quote from iptables
>>
>>$IPT -A INPUT -p tcp -i $INTERFACE -d $DEST_IP --syn --dport 80 -m connlimit --connlimit-above 3 -j REJECT --reject-with icmp-port-unreachable
>>    
>>
>I don't have that option in iptables... let's do an upgrade.
>
>
me neither; not yet

>>
>>quote from the xinetd manual
>>
>>defaults
>>{
>>        instances               = 60
>>        log_type                = SYSLOG authpriv
>>        log_on_success          = HOST PID
>>        log_on_failure          = HOST
>>        cps                     = 25 30
>>}
>>includedir /etc/xinetd.d
>>
>>These lines control various aspects of xinetd:
>>
>>    * instances - Sets the maximum number of requests xinetd can handle
>>      at once.
>>
>>    * cps - Configures xinetd to allow no more than 25 connections per
>>      second to any given service. If this limit is reached, the service
>>      is retired for 30 seconds.
>>
>>    
>>
I'm not 100% sure, but these 2 don't seem to do what I want.


--- 
Details about our mailing lists: http://www.lug.ro/
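
Added example, not part of any message in this thread: a small Python model contrasting the global `cps = 25 30` limit quoted from the xinetd manual with the per-source `--connlimit-above 3` rule quoted from iptables. Both limiters are simplified models, and the addresses and traffic are constructed sample data.

```python
from collections import Counter

# Constructed sample traffic: one noisy source opens 40 connections inside a
# single second, then an unrelated client connects twice a little later.
NOISY, OTHER = "192.0.2.10", "198.51.100.7"
EVENTS = [(i / 100, NOISY) for i in range(40)] + [(5.0, OTHER), (20.0, OTHER)]


def xinetd_cps(events, rate=25, wait=30):
    """Simplified model of 'cps = 25 30': one counter for the whole service.
    Once more than `rate` connections arrive in a second, the service is
    retired for `wait` seconds for every client."""
    accepted, per_second, retired_until = [], Counter(), -1.0
    for t, src in events:
        if t < retired_until:
            continue                      # service is off for everybody
        per_second[int(t)] += 1
        if per_second[int(t)] > rate:
            retired_until = t + wait
            continue
        accepted.append((t, src))
    return accepted


def connlimit(events, above=3):
    """Simplified model of '-m connlimit --connlimit-above 3 -j REJECT':
    one counter per source address. Connections are assumed to stay open
    for the whole sample, so each source keeps at most `above` of them."""
    accepted, open_conns = [], Counter()
    for t, src in events:
        if open_conns[src] >= above:
            continue                      # only this source is rejected
        open_conns[src] += 1
        accepted.append((t, src))
    return accepted


def per_source(accepted):
    """Count accepted connections per source address."""
    return dict(Counter(src for _, src in accepted))


if __name__ == "__main__":
    print("cps 25 30     :", per_source(xinetd_cps(EVENTS)))
    print("connlimit > 3 :", per_source(connlimit(EVENTS)))
```

With the global limit the noisy source uses up the whole budget and the other client is locked out during the 30-second retirement; with the per-source limit only the noisy source is capped.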

