How To Prevent Concurrent Connections On Linux Using IPTables

Published on: Sat, Oct 24, 2015 at 3:32 pm EST

iptables is firewall software found in many distributions, including CentOS and Ubuntu. In this doc, you'll see how to use iptables to keep a single IP address from opening too many connections to your server. This improves security and helps fend off simple DDoS attacks.

Step 1: Verifying IPTables installation

To verify if iptables has been installed, execute:

which iptables

If this returns a path such as /sbin/iptables, then iptables is installed on your system. Otherwise, install it with apt-get install iptables (Debian/Ubuntu) or yum install iptables (CentOS).

If you're running a Debian-based system, install iptables-persistent to be able to easily save and reload iptables:

apt-get install iptables-persistent

Step 2: Adding IPTables rules

While adding the iptables rules, I will explain what every rule does.

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set

This rule records the source address of every new TCP connection (-m state --state NEW) that arrives on the eth0 interface (-i eth0) for port 80 (--dport 80) in the recent module's address list (-m recent --set).

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP

This rule checks whether the source address of a new connection is already in that list and was seen within the last 60 seconds (--seconds 60), refreshing its entry (--update), and drops the connection (-j DROP) when the number of new connections from that address in the window hits the limit of 10 (--hitcount 10). Because -I inserts each rule at the top of the INPUT chain, this second rule ends up above the first; that is the order the recent module needs, since the --update check must run before --set records the address, otherwise every new connection would be counted twice.

Step 3: Saving rules

After adding the rules, you will need to save them so they survive a reboot, and reload iptables. On a Debian-based system, rules can be saved using iptables-persistent, which was installed in Step 1:

service iptables-persistent save
service iptables-persistent reload
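As an added example (not part of the original article), the following script loads the two rules from Step 2 under a named recent list and then reports which source addresses have reached the hitcount threshold, by parsing the table the kernel exposes for that list. The list name http_limit, the /proc path usage and the sample table are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the article: apply the article's two rules under a
# named recent list, then list the source addresses whose stored packet count
# has reached the hitcount threshold by parsing /proc/net/xt_recent/<list>.
# The list name and the sample table below are assumptions.

LIST=http_limit

# Apply the rules. Both use -I; the DROP rule is inserted second so it ends
# up above the --set rule. The recent module needs this order: --update
# checks and refreshes an existing entry, and only then does --set create
# the entry for an address seen for the first time.
apply_rules() {
    iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW \
        -m recent --name "$LIST" --set
    iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW \
        -m recent --name "$LIST" --update --seconds 60 --hitcount 10 -j DROP
}

# Read a recent-list table on stdin and print "address count" for every
# entry whose stored timestamp count is >= $1. Each line of the kernel table
# looks like:
#   src=203.0.113.7 ttl: 64 last_seen: 4298472 oldest_pkt: 10 4298400, ...
# so the timestamps are the fields after the first seven. The kernel keeps
# at most ip_pkt_list_tot stamps per entry (default 20), and the 60-second
# window is not re-applied here; this is a quick view of who is near the limit.
hot_sources() {
    awk -v limit="$1" '
        /^src=/ {
            n = NF - 7
            if (n >= limit) { sub(/^src=/, "", $1); print $1, n }
        }'
}

# Constructed sample table (three addresses, one of them at the limit).
SAMPLE_TABLE='src=198.51.100.4 ttl: 64 last_seen: 4298100 oldest_pkt: 2 4298050, 4298100
src=203.0.113.7 ttl: 64 last_seen: 4298472 oldest_pkt: 10 4298400, 4298410, 4298420, 4298430, 4298440, 4298450, 4298460, 4298465, 4298470, 4298472
src=192.0.2.9 ttl: 128 last_seen: 4298300 oldest_pkt: 1 4298300'

# Live use on a host where the rules are loaded (needs root):
#   apply_rules
#   hot_sources 10 < /proc/net/xt_recent/$LIST
```

Running hot_sources against the sample table with a threshold of 10 prints only 203.0.113.7, the address that has hit the limit.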

You have improved server security by limiting the concurrent connections from an IP address using iptables.
