
I have a connlimit rule in iptables that allows only 5 connections to port 80.

iptables -A FORWARD -p tcp -m tcp --syn --dport 80 -m connlimit --connlimit-above 5 --connlimit-saddr -j DROP

This rule works fine until I restore iptables. After restoring the rules, the connlimit counters start over and clients/attackers can open 5 more connections.

Is it possible to avoid this situation?

1 Answer

Use iptables-save or iptables-restore with the -c option to include bytes and packet counters.

http://www.iptables.info/en/iptables-save-restore-rules.html

  • the counter is just how many times the rule has been hit, not the number of connections per tuple of IP addresses and per rule. I presume the ones who have upvoted didn't try, because it doesn't work.
    – Eric
    Commented Sep 5, 2022 at 17:30
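To make concrete what the `-c` option in the answer does and does not preserve (the point the comment raises), here is a small parser for the `iptables-save -c` file format. It is an added example, not code from the question, the answer, or the iptables project; the saved ruleset it parses is a constructed sample that reuses the connlimit rule from the question with made-up `[packets:bytes]` values. The only counters in that format are the per-rule packet/byte hit counts and the per-chain policy counters, which is exactly what `iptables-restore -c` feeds back into the kernel.

```python
import re
from dataclasses import dataclass

# Constructed sample of `iptables-save -c` output (not captured from the poster's host).
# Each rule line is prefixed with [packets:bytes]; each chain line carries its policy counters.
SAMPLE_SAVE = """\
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [1000:80000]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [500:40000]
[530:41200] -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
[12:720] -A FORWARD -p tcp -m tcp --syn --dport 80 -m connlimit --connlimit-above 5 --connlimit-saddr -j DROP
COMMIT
"""

COUNTER_RE = re.compile(r"^\[(\d+):(\d+)\]\s+(.*)$")          # "[pkts:bytes] -A ..."
CHAIN_RE = re.compile(r"^:(\S+)\s+(\S+)\s+\[(\d+):(\d+)\]$")  # ":CHAIN POLICY [pkts:bytes]"


@dataclass
class Rule:
    table: str
    chain: str
    spec: str      # the rule as iptables-restore reads it, e.g. "-A FORWARD ... -j DROP"
    packets: int   # packets this rule matched so far (0 if the file was saved without -c)
    bytes: int


def parse_iptables_save(text):
    """Parse iptables-save output (with or without -c).

    Returns (chains, rules): chains maps (table, chain) -> {"policy", "packets", "bytes"},
    rules is a list of Rule objects in file order.
    """
    chains = {}
    rules = []
    table = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):            # start of a table block, e.g. "*filter"
            table = line[1:]
            continue
        if line == "COMMIT":                # end of the current table block
            table = None
            continue
        if table is None:
            raise ValueError(f"line outside a table block: {line!r}")
        m = CHAIN_RE.match(line)
        if m:
            chains[(table, m.group(1))] = {
                "policy": m.group(2),
                "packets": int(m.group(3)),
                "bytes": int(m.group(4)),
            }
            continue
        m = COUNTER_RE.match(line)
        if m:                               # saved with -c: counters precede the rule
            packets, nbytes, spec = int(m.group(1)), int(m.group(2)), m.group(3)
        else:                               # saved without -c: no counters at all
            packets, nbytes, spec = 0, 0, line
        parts = spec.split(None, 2)
        if len(parts) < 2 or parts[0] != "-A":
            raise ValueError(f"unrecognised rule line: {line!r}")
        rules.append(Rule(table, parts[1], spec, packets, nbytes))
    return chains, rules


def connlimit_hit_counts(text):
    """Return {rule spec: packets} for every connlimit rule in the saved ruleset.

    This is all that -c carries across save/restore for such a rule: the number of
    packets it matched (here, SYNs it dropped). It is not the per-source count of
    open connections that the connlimit match evaluates on each new SYN.
    """
    _, rules = parse_iptables_save(text)
    return {r.spec: r.packets for r in rules if "-m connlimit" in r.spec}


if __name__ == "__main__":
    for spec, hits in connlimit_hit_counts(SAMPLE_SAVE).items():
        print(f"{hits:>6} packets matched: {spec}")
```

Running it against the sample prints one line for the connlimit rule with its 12 matched packets. Feed it the output of a real `iptables-save -c` to see the same thing on a live host: the only state in the file is hit counters, so restoring it restores those hit counters and nothing about which sources currently hold how many connections.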
