Ping a Specific Port

Question

Harley

Asked: 2012-03-21 14:46:39 +0800 CST2012-03-21 14:46:39 +0800 CST 2012-03-21 14:46:39 +0800 CST

Limit maximum incoming connections to a port using iptables

772

I have a server that has apache listening on a number of ports. Some ports are used for configuring the server, and another is used to download large files.

My problem is that when I have a large number of clients downloading files, the web interface is uncontactable. I would like to limit the number of clients connecting on the "large file" port so that apache always has available connections to configure the server. A REJECT is fine, the client trying to download the file will back off and retry later. Each client only has one connection open to the server at a time, so limiting by IP won't work.

I know I could put something in front of apache to manage this, but I'd really like to do it in iptables, without adding more software.

1 Answers

Voted

talljosh · Answer 1 · 2012-03-21T15:32:17+08:00

Best Answer

talljosh

2012-03-21T15:32:17+08:002012-03-21T15:32:17+08:00

You could try --connlimit with the --connlimit-mask option to set a mask of 0.

iptables -A INPUT -p tcp --dport XXY -m connlimit --connlimit-above 5 --connlimit-mask 0 -j REJECT

Where XXY is the port that you want to rate-limit connections to.

5

Limit maximum incoming connections to a port using iptables

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?