[Gllug] iptables: conditional rate limiting

Tim Schofield tim at scoffer.net
Sat Feb 14 13:14:49 UTC 2009


On Fri, 2009-02-13 at 15:35 +0000, Alain Williams wrote:
> I currently rate limit new connections to ssh using iptables.
> 
> What I should really be doing is to rate limit *failed* connections.
> I would then like to extend this to imaps & maybe others
> 
> Any idea how this could be done?


I use a package called fail2ban which adds custom rules to iptables by
monitoring entries in log files.  I use it to drop connections on failed
logon attempts for ssh, smtp, courier imap.

Tim 

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug