Trying to understand iptables
- From: "Michael S. Peek" <peek@xxxxxxxxxxxx>
- Date: Thu, 31 Jul 2008 13:17:39 -0400
Hello gurus,
I'm playing around with the SSH throttling examples from debian-administration.org. I'm still a bit new to iptables, and I'm trying to understand how this works.
I have the following two commands:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
--set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
--update --seconds 60 --hitcount 4 -j DROP
Which tells the kernel to allow 3 new ssh connections from a single remote host, and after that the remote host is blocked by dropping the packets. My question is, for how long is the remote host blocked? Another 60 seconds?
Or to put it another way, how does iptables know how long to remember a recent connection? And can I change that?
Michael
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- Prev by Date: Re: Installation from a usb drive
- Next by Date: Re: SOLVED was Re: pine help
- Previous by thread: 2.6.26 + vga=791
- Next by thread: Re: [OFF] Monitor skype chat
- Index(es):
Relevant Pages
|
