Is it possible to limit incoming tcp packets per second (or bytes per second) with iptables or haproxy? I have found many examples but none of them seem to work.
Asked
Active
Viewed 713 times
1 Answers
0
I figured it out.
iptables -A INPUT -p tcp --dport 1234 -m state --state NEW -j ACCEPT
iptables -I INPUT -p tcp --dport 1234 -m hashlimit --hashlimit-mode srcip,srcport --hashlimit-name HASHNAME --hashlimit-htable-max 5000 --hashlimit-htable-expire 10000 --hashlimit-above 5/sec -j DROP
Ryan
- 21
- 2