[PLUG] TCP Wrappers and IPs
Carla Schroder
carla at bratgrrl.com
Wed Feb 22 00:06:28 UTC 2006
On Tuesday 21 February 2006 15:53, Paul Mullen wrote:
> On Tue, Feb 21, 2006 at 01:36:39PM -0800, Carla Schroder wrote:
>
> > It does not discriminate on the basis of source address. It simply
> > rate-limits the number of new connections per minute from anywhere. So if
>
> That doesn't seem to be the case in my experience. After three
> consecutive logins from client A, I can switch to client B (on an
> entirely different network) and get through just fine. Unfortunately
> I'm not yet good enough with iptables to explain how/why this is the
> case.
>
When zee mystery she persists, rtfm:
http://www.stearns.org/pomlist/0.2.2-output/pom-combined.html#recent
So it looks like it does check the source IPs and counts them, rather than all
connections like I thought. Quite ingenious.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
check out my "Linux Cookbook", the ultimate Linux user's
and sysadmin's guide! http://www.oreilly.com/catalog/linuxckbk/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the PLUG
mailing list