[PLUG] TCP Wrappers and IPs

Carla Schroder carla at bratgrrl.com
Wed Feb 22 00:06:28 UTC 2006


On Tuesday 21 February 2006 15:53, Paul Mullen wrote:
> On Tue, Feb 21, 2006 at 01:36:39PM -0800, Carla Schroder wrote:
>
> >  It does not discriminate on the basis of source address. It simply
> > rate-limits the number of new connections per minute from anywhere. So if
>
> That doesn't seem to be the case in my experience. After three
> consecutive logins from client A, I can switch to client B (on an
> entirely different network) and get through just fine. Unfortunately
> I'm not yet good enough with iptables to explain how/why this is the
> case.
>

When zee mystery she persists, rtfm:
http://www.stearns.org/pomlist/0.2.2-output/pom-combined.html#recent

So it looks like it does check the source IPs and counts them, rather than all 
connections like I thought. Quite ingenious. 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Carla Schroder
 check out my "Linux Cookbook", the ultimate Linux user's
 and sysadmin's guide! http://www.oreilly.com/catalog/linuxckbk/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
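
The per-source counting described in this message, as an added example that is not part of the original thread and is not iptables code: a simplified Python model of a `recent`-style list (one timestamp list per source address) beside the single global counter first assumed. The 60-second window, the hit count of 4, and the sample addresses are assumptions; the thread does not show the actual rules.

```python
from collections import defaultdict

SECONDS = 60    # assumed window, in the role of --seconds
HITCOUNT = 4    # assumed threshold, in the role of --hitcount


class RecentList:
    """Per-source model: one timestamp list per source address."""

    def __init__(self):
        self.stamps = defaultdict(list)

    def new_connection(self, src, now):
        # First rule (--set): record this source's new connection.
        self.stamps[src].append(now)
        # Second rule (--update): count only this source's hits inside
        # the window; other sources are never consulted.
        hits = [t for t in self.stamps[src] if now - t < SECONDS]
        if len(hits) >= HITCOUNT:
            self.stamps[src].append(now)  # a matching --update adds a stamp
            return "DROP"
        return "ACCEPT"


class GlobalCounter:
    """The behaviour first assumed in the thread: one counter for everyone."""

    def __init__(self):
        self.stamps = []

    def new_connection(self, src, now):
        self.stamps.append(now)
        hits = [t for t in self.stamps if now - t < SECONDS]
        return "DROP" if len(hits) >= HITCOUNT else "ACCEPT"


def replay(limiter, events):
    """Feed (time, source) events to a limiter and collect its verdicts."""
    return [(src, limiter.new_connection(src, now)) for now, src in events]


# Constructed sample: client A connects five times, then client B once.
# Addresses come from the RFC 5737 documentation ranges.
EVENTS = [(0, "192.0.2.10"), (5, "192.0.2.10"), (10, "192.0.2.10"),
          (15, "192.0.2.10"), (20, "192.0.2.10"), (25, "198.51.100.7")]

if __name__ == "__main__":
    for name, limiter in (("per-source", RecentList()), ("global", GlobalCounter())):
        print(name, replay(limiter, EVENTS))
```

In the per-source model client B is accepted while client A is still being dropped, which matches what Paul observed; under the global counter client B would be dropped too.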


