Is the iptables rule correct?
Hello
iptables -t mangle -A POSTROUTING -s 111.0.0.0/8 -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --update --seconds 30 --hitcount 1 -j LOG --log-prefix "Recent30sec1: "
No output from /var/log/message.
To check, I run telnet smtp.yandex.ru in screen many times.
The goal: when connections on port 25 from a given network exceed, for example, 201 per minute, send them to DROP until these connections are back to 200.
Maybe PREROUTING, if you filter by -s?
In general, such a complex rule must be debugged in parts. First, make sure that everything shows up in the log with one criterion (-s xxx -p nn), then add the second, and so on. It will immediately be clear where the snag is.
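The staged debugging described in the answer above, as an added example that is not part of the original thread: it prints one LOG rule per stage, each adding one criterion of the rule from the question, and reports the first stage that never reached the log. The `dbgN: ` prefixes, the function names and the sample log lines are assumptions made up for this example.

```shell
#!/bin/sh
# Added example: staged LOG rules for debugging the rule from the question.
# Table, chain, source and port come from the question; the "dbgN: " prefixes
# and the function names are hypothetical.
SRC="111.0.0.0/8"

# Print one LOG rule per stage, each adding one criterion to the previous one.
# Nothing is applied here; review the output, then pipe it to sh as root.
stage_rules() {
    base="iptables -t mangle -A POSTROUTING"
    match="-s $SRC -p tcp"
    n=1
    for extra in "" "--dport 25" "-m state --state NEW" \
        "-m recent --name SMTP --update --seconds 30 --hitcount 1"; do
        match="$match${extra:+ $extra}"
        printf '%s %s -j LOG --log-prefix "dbg%s: "\n' "$base" "$match" "$n"
        n=$((n + 1))
    done
}

# Read kernel log lines on stdin and print the number of the first stage
# whose prefix never appears (0 if every stage logged something).
first_silent_stage() {
    log=$(cat)
    n=1
    while [ "$n" -le 4 ]; do
        if ! printf '%s\n' "$log" | grep -q "dbg$n: "; then
            echo "$n"
            return 0
        fi
        n=$((n + 1))
    done
    echo 0
}

# Constructed sample log lines (not real output): stages 1-3 fired, 4 did not.
SAMPLE_LOG='kernel: dbg1: IN= OUT=eth0 SRC=111.1.2.3 DST=203.0.113.5 PROTO=TCP SPT=40000 DPT=25 SYN
kernel: dbg2: IN= OUT=eth0 SRC=111.1.2.3 DST=203.0.113.5 PROTO=TCP SPT=40000 DPT=25 SYN
kernel: dbg3: IN= OUT=eth0 SRC=111.1.2.3 DST=203.0.113.5 PROTO=TCP SPT=40000 DPT=25 SYN'

stage_rules
printf '%s\n' "$SAMPLE_LOG" | first_silent_stage
```

After loading the rules and repeating the telnet test, feed the kernel log to `first_silent_stage`; the number it prints is the criterion to look at. If that is stage 4, note that per the iptables-extensions manual `--update` matches only a source address already in the named list, which a `--set` rule adds.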