Limiting number of simultaneous connections
From Notes_Wiki
Limiting number of simultaneous connections using iptables
Using connlimit module
We can use the connlimit module of iptables to limit the number of simultaneous TCP connections a client may hold to a service, for example SSH on port 22:
iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 1 -j REJECT
This allows only one SSH connection to the server per client IP address: the default --connlimit-mask is 32 for IPv4 (128 for IPv6), so connections are counted per source address. The rule is inserted at the top of the INPUT chain with -I so it is evaluated before any rule that accepts SSH, and --syn makes it match only new connection attempts, so connections that are already established are not affected. REJECT without --reject-with answers with an ICMP port-unreachable; for TCP, adding --reject-with tcp-reset makes the client fail immediately instead of retrying.
To limit the number of simultaneous connections per subnet rather than per host, group source addresses with --connlimit-mask (the original page omitted the chain; -I INPUT is added here so the command is complete):
iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT
This allows at most 16 simultaneous SSH connections from each /24 network. All addresses in a /24 share one counter, so a single misbehaving host can use up the quota for its neighbours; choose the mask with that in mind. The active rules and their packet counters can be checked with iptables -L INPUT -v -n.
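The following script is an added example, not part of the original wiki page or of iptables itself. It shows which clients end up sharing one connlimit counter under a given --connlimit-mask (the bucket is the source address with the host bits cleared), and it builds the complete iptables command for a given port, limit and mask. The client addresses are constructed sample data; the rule is only printed unless APPLY=1 is set, since applying it needs root and the xt_connlimit module.

```shell
#!/bin/sh
# Added example (not from the wiki page or from iptables).
#  1. connlimit_bucket: the key connlimit counts a client under for a given
#     --connlimit-mask, i.e. the source address with the host bits cleared.
#  2. connlimit_rule: the full iptables command for port/limit/mask.
# The client addresses below are constructed sample data.

# Dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer back to dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Bucket (network address) that connlimit groups $1 into with a /$2 mask.
# Mask 32 is the default: one counter per source host.
connlimit_bucket() {
    ip=$1; bits=$2
    n=$(ip_to_int "$ip")
    if [ "$bits" -eq 0 ]; then
        mask=0
    else
        mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    fi
    int_to_ip $(( n & mask ))
}

# How many of the given clients share a counter with the first one under /$1.
same_bucket_count() {
    bits=$1; shift
    ref=$(connlimit_bucket "$1" "$bits"); n=0
    for ip in "$@"; do
        [ "$(connlimit_bucket "$ip" "$bits")" = "$ref" ] && n=$((n + 1))
    done
    echo "$n"
}

# Full rule: -I INPUT so it precedes any ACCEPT for the port, --syn so only
# new connection attempts are tested, tcp-reset so clients fail fast.
connlimit_rule() {
    port=$1; limit=$2; bits=${3:-32}
    echo "iptables -I INPUT -p tcp --syn --dport $port -m connlimit --connlimit-above $limit --connlimit-mask $bits -j REJECT --reject-with tcp-reset"
}

# Constructed sample clients: three in 10.0.0.0/16, two of them in 10.0.1.0/24.
CLIENTS="10.0.1.5 10.0.1.200 10.0.2.7 192.0.2.9"

main() {
    for bits in 32 24 16; do
        echo "mask /$bits: $(same_bucket_count "$bits" $CLIENTS) of 4 sample clients share a counter with 10.0.1.5"
    done
    rule=$(connlimit_rule 22 16 24)
    if [ "${APPLY:-0}" = 1 ]; then
        sh -c "$rule"
    else
        echo "would run: $rule"
    fi
}
main
```

Run it as a normal user to see the grouping and the rule it would apply; run with APPLY=1 as root to insert the rule, then confirm it with iptables -L INPUT -v -n.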