How To Prevent Concurrent Connections On Linux Using IPTables

Updated on October 24, 2015

iptables is firewall software that ships with most Linux distributions, including CentOS and Ubuntu. In this doc, you'll see how you can limit concurrent connections from a single IP address by using iptables. This can improve security and help prevent simple DDoS attacks.

Step 1: Verifying IPTables installation

To verify if iptables has been installed, execute:

which iptables

If this returns a path such as /sbin/iptables, then iptables is installed on your system. Otherwise, you can install it by executing apt-get install iptables, or yum install iptables.

If you're running a Debian-based system, install iptables-persistent to be able to easily save and reload iptables:

apt-get install iptables-persistent

Step 2: Adding IPTables rules

While adding the iptables rules, I will explain what every rule does.

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set

This rule matches new TCP connections (-m state --state NEW) arriving on the eth0 interface (-i eth0) for port 80 (--dport 80) and records the source IP address in the recent list (--set).

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP

This rule checks whether the source address of a new connection has already been seen in the recent list within the last 60 seconds (--seconds 60) and refreshes its timestamp (--update). Once 10 new connections from the same address have been seen in that window (--hitcount 10), the packet is dropped (-j DROP).
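The two rules above only work as intended when the DROP check is evaluated before any rule that ACCEPTs traffic to port 80, and because -I inserts at the top of the chain, the rules end up in the reverse order of entry. The script below is an added example, not part of the original article: it generates the two rules from parameters (the article's eth0, port 80, 60 seconds and 10 hits are the defaults; the variable names are assumptions of this example), applies them in the right order when run with the `apply` argument, and includes a check that reads `iptables -S INPUT` output and confirms the DROP rule precedes the first ACCEPT for the port. The rule listing used in the usage note is constructed by hand.

```shell
#!/bin/sh
# Added example, not code from the original article.
# Assumed parameters (article values as defaults):
IFACE="${IFACE:-eth0}"
PORT="${PORT:-80}"
WINDOW="${WINDOW:-60}"     # --seconds
HITS="${HITS:-10}"         # --hitcount (must not exceed xt_recent's ip_pkt_list_tot, default 20)

# Print the two rules in the order they must be evaluated:
# first the --update/DROP check, then the --set that records the address.
limit_rules() {
    printf '%s\n' \
      "-A INPUT -p tcp --dport $PORT -i $IFACE -m state --state NEW -m recent --update --seconds $WINDOW --hitcount $HITS -j DROP" \
      "-A INPUT -p tcp --dport $PORT -i $IFACE -m state --state NEW -m recent --set"
}

# Read `iptables -S INPUT` output on stdin. Exit 0 when the recent/DROP rule
# for $PORT appears before the first ACCEPT for that port (or no ACCEPT
# exists), exit 1 when the DROP rule is missing or shadowed by an ACCEPT.
check_order() {
    awk -v port="$PORT" '
        $0 ~ "--dport " port "( |$)" && /-m recent/ && /-j DROP/ { drop = NR }
        $0 ~ "--dport " port "( |$)" && /-j ACCEPT/ && !accept   { accept = NR }
        END { exit !(drop && (!accept || drop < accept)) }'
}

# Insert the rules with -I. Feeding them in reverse order means that, after
# insertion at the top of the chain, the evaluation order matches limit_rules.
apply_rules() {
    limit_rules | sed -n '1!G;h;$p' | while IFS= read -r rule; do
        # shellcheck disable=SC2086
        set -- $rule
        shift 2                      # drop the leading "-A INPUT"
        iptables -I INPUT "$@"
    done
}

case "${1:-}" in
    apply) apply_rules ;;            # requires root; prints nothing on success
    check) check_order ;;            # e.g. iptables -S INPUT | ./limit.sh check
esac
```

Run `iptables -S INPUT | sh limit.sh check` after saving the rules; a non-zero exit means an earlier `-j ACCEPT` for the port is shadowing the DROP check, which is the usual reason a rate limit like this silently does nothing. Note that `iptables -S` prints the match options in its own order (for example `-i eth0 -p tcp -m tcp --dport 80 ...`), and the check deliberately matches on the option tokens rather than on their position.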

Step 3: Saving rules

After adding the rules, you will need to save them and reload iptables. Rules can be saved using iptables-persistent, which we just installed:

service iptables-persistent save
service iptables-persistent reload

You have improved server security by limiting the concurrent connections from an IP address using iptables.