IPTables limits?
Rick Stevens
ricks at nerd.com
Thu Oct 23 16:41:58 UTC 2008
Andrew Kelly wrote:
> On Wed, 2008-10-22 at 11:30 -0700, Rick Stevens wrote:
>> Andrew Kelly wrote:
> <snip>
>
>>> Unfortunately, it also foils legitimate accesses often enough. This is a
>>> very effective set up, but it comes with the caveat that "connection
>>> requests" are counted, and not "connection requests from IP address
>>> such-and-such".
>> No, it tracks the source IP. Two attempts from the same source IP
>> trigger the lockout.
>
> Mea Culpa, Rick, you're absolutely right. I just discovered that my
> rules weren't even using the recent mod. (Homer Simpson sound)
Heheheheh! I often have "D'oh!" moments myself, usually followed by
maniacal laughter from the people in the immediate vicinity!
> Thanks, man.
Anytime.
BTW, "D'oh!" is now in the Oxford American English dictionary. Go
figure!
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks at nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Linux is like a wigwam...no windows, no gates...and apache inside! -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list