From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Sergey To: ALT Linux kernel packages development Date: Tue, 30 Jan 2007 23:23:08 +0400 User-Agent: KMail/1.9.5 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 8bit Content-Disposition: inline Message-Id: <200701302323.08729.a_s_y@sama.ru> X-Virus-Scanned: ClamAV version 0.88.7, clamav-milter version 0.88.7 on relay1.hippo.ru X-Virus-Status: Clean Subject: [d-kernel] =?koi8-r?b?a2VybmVsLWltYWdlLXN0ZC1zbXAtMi42LjE4LWFs?= =?koi8-r?b?dDMgySBpcHRhYmxlcw==?= X-BeenThere: devel-kernel@lists.altlinux.org X-Mailman-Version: 2.1.9rc1 Precedence: list Reply-To: ALT Linux kernel packages development List-Id: ALT Linux kernel packages development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jan 2007 19:23:25 -0000 Archived-At: List-Archive: List-Post: Приветствую. В мане на iptables имеет место **** * connlimit * Allows you to restrict the number of parallel TCP connections to a server per client IP address (or address * block). * * [!] --connlimit-above n * match if the number of existing tcp connections is (not) above n **** и т.д. Однако даже примеры не работают: # iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT iptables: No chain/target/match by that name Не дособрали ? А штука нужная... -- С уважением, Сергей a_s_y@sama.ru