iptables
Ahmed C, 2020-07-23 20:49:15

How to limit the number of connected IP addresses to a port through iptables?

Good day.

I've run into a seemingly simple problem, but I can't solve it.
I installed the shadowsocks-libev server; it listens on port 4443 TCP and UDP, and client authorization is based on a single password. Everything works fine, but people are handing out the client settings (including the password) to others, and there are already 200 people (different IPs) on the server at the same time.
Can I use iptables to limit the number of concurrently connected IPs? I know that there is an iptables connlimit module that allows you to limit the number of connections. But this is not an option: the number of IPs needs to be limited, since one IP can have several connections and connlimit will not help here.
The question is not only about the specific shadowsocks application; sometimes you need to limit the number of IPs connected to a web server.


2 answer(s)
Dimonchik, 2020-07-24
@dimonchik2013

With iptables, no way, since you need to keep some kind of counter, and this is not provided,
but you can try playing with something like fail2ban.

Ahmed C, 2021-02-26
@Rorus

The issue was resolved by setting up Shadowsocks Manager. Now each user has his own port, and the number of connections per port is limited using iptables.
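
An added example, not part of the original thread: it counts connections and distinct client IPs per listening port, which shows why a per-IP connection limit does not answer the question, and prints one form a per-port cap could take. The sample lines are constructed, the function names are hypothetical, and the `--connlimit-mask 0` rule (TCP only) is an assumption, since the answer does not show the rule actually used.

```shell
#!/bin/sh
# Constructed sample in the layout of `ss -Htn state established` (not real data):
# Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_CONNS='0 0 203.0.113.10:4443 198.51.100.7:51234
0 0 203.0.113.10:4443 198.51.100.7:51240
0 0 203.0.113.10:4443 198.51.100.7:51302
0 0 203.0.113.10:4443 192.0.2.44:40112
0 0 203.0.113.10:4443 [2001:db8::15]:55010
0 0 203.0.113.10:8388 192.0.2.44:40200'

# Reads ss-style lines on stdin; prints "port connections distinct_ips" per
# local port, sorted by port. The last two fields are local and peer endpoints.
ips_per_port() {
    awk '
    NF >= 2 {
        port = $(NF-1); sub(/^.*:/, "", port)      # local port
        ip = $NF;       sub(/:[0-9]+$/, "", ip)    # peer IP without its port
        conns[port]++
        if (!((port, ip) in seen)) { seen[port, ip] = 1; ips[port]++ }
    }
    END { for (p in conns) print p, conns[p], ips[p] }' | sort -n
}

# Prints the ports whose distinct-IP count exceeds $1.
ports_over_limit() {
    ips_per_port | awk -v max="$1" '$3 > max { print $1 }'
}

# Prints (does not apply) a rule capping total TCP connections to port $1 at $2.
# --connlimit-mask 0 puts every source address in one group, so the cap is
# per port rather than per client IP (assumed rule, not taken from the thread).
port_cap_rule() {
    printf 'iptables -A INPUT -p tcp --syn --dport %s -m connlimit --connlimit-above %s --connlimit-mask 0 -j REJECT --reject-with tcp-reset\n' "$1" "$2"
}

printf '%s\n' "$SAMPLE_CONNS" | ips_per_port
printf '%s\n' "$SAMPLE_CONNS" | ports_over_limit 2
port_cap_rule 4443 3
```

On a live server the same functions can be fed from `ss -Htn state established` instead of the sample.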
