is there any module to track total connection ?

is there any module to track total connection ?

[J. Bakshi]

Hello list,

I am searching for a module which can track the total connection at any
time and block  more incoming packets. Say dropping the new ssh
connection if the total ssh connection is already 4. any such module in
iptable ?

Thanks

Re: is there any module to track total connection ?

[J. Bakshi]

Any clue ??


J. Bakshi wrote:
> Hello list,
>
> I am searching for a module which can track the total connection at any
> time and block  more incoming packets. Say dropping the new ssh
> connection if the total ssh connection is already 4. any such module in
> iptable ?
>
> Thanks
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>
>   

Re: is there any module to track total connection ?

[J. Bakshi]

J. Bakshi wrote:
> Hello list,
>
> I am searching for a module which can track the total connection at any
> time and block  more incoming packets. Say dropping the new ssh
> connection if the total ssh connection is already 4. any such module in
> iptable ?
>   

I am answering my own question. the module is connlimit.  but it is not
working here properly. I have done as

`````````````
# default policy drop for in/out/forward#
###############################

iptables -A INPUT -p tcp --syn -i $IFACE --dport $SSH_PORT -m connlimit
! --connlimit-above 2 -j ACCEPT
``````````````

It should block ssh connection from same source IP if already 2
connections are active from that source. But it is not working as
expected. I can log in even 10 ssh with out any problem. Don't know what
might be wron. iptables version is v1.4.2-rc1 in suse 11 box. Any clue ?

Thanks