Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
KaMaToZzz2018-05-04 21:57:15
iptables
KaMaToZzz, 2018-05-04 21:57:15

Is the iptables rule correct?

Hello
iptables -t mangle -A POSTROUTING -s 111.0.0.0/8 -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --update --seconds 30 --hitcount 1 -j LOG --log-prefix "Recent30sec1: " No
output from /var/log/message.
I check: I create screen telnet smtp.yandex.ru many times.
The goal, when exceeding, for example, 201 connections per minute on port 25 from such and such a network, is to send to the drop until these connections become 200

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
P
Pavel Selivanov, 2018-05-10
@selivanov_pavel

Maybe PREROUTING, if you filter by -s?
In general, such a complex rule must be debugged in parts. First, ensure that everything falls into the log according to one criterion (-s xxx -p nn), then add the second, etc. It will immediately be clear where the plug is.

Similar questions
K
Kamil2019-05-03 14:39:51
How to record all IP addresses that are in Drop Iptables? 2Reply
P
partisan422019-05-06 13:57:58
How to make iptables work after reboot? 1Reply
K
Konstantin Khairov2016-12-15 15:38:22
What IP does Telegram use to check RSS? 3Reply
G
George N2017-01-09 10:37:50
How to set up a firewall for dynamic IP access? 1Reply
J
jidckii2015-01-29 19:49:02
Why is 1 rule repeated multiple times in iptables? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question