We have a websocket server that accepts connections. Unfortunately, for a reason that we have yet to identify some clients go rogue and connect/disconnect/connect... in loop at a very high frequency. This is a mess to deal with and penalizes other legit clients.
I added IPTABLE records to drop their traffic, but soon enough, another client starts to mess up. At the same time, a client who used to behave badly may start to behave normally again. It doesn't scale very much to edit the IPTABLE manually all day long.
Is there a way to dynamically block traffic from these clients who try to connect too often? I'd rather avoid to do that at the websocket server, because of course when doing this, this takes resources away from other legit clients.